Wenyuan Xu

DOI: https://doi.org/10.1145/3579856.3596442

2023-01-01

Abstract:Vulnerabilities pose a significant challenge in ensuring cybersesecurity for information systems. In the past, vulnerabilities were mainly associated with functional defects in system software and hardware, known as "in-band vulnerabilities," whereby "band" refers to the functional domain. However, with the rapid development of the Internet of Things (IoT), new security issues have emerged that traditional vulnerability categorization may not fully cover. IoT devices rely on sensors and actuators to interact with the real world, but this interaction process between physical and digital systems has created defects that are difficult to analyze and detect. These defects include unintentional coupling effects of sensors from ambient analog signals or abnormal channels that were not intentionally designed, collectively known as "out-of-band vulnerabilities." Various security incidents have highlighted the prevalence of out-of-band vulnerabilities in IoT systems, and their activation can result in serious consequences. To address this issue, we propose a vulnerability categorization framework that includes out-of-band vulnerabilities and provides examples for each category. Our talk highlights the need to shift the research paradigm for system security to encompass both in-band and out-of-band vulnerabilities in the intelligence era. Finally, we explore potential solutions for mitigating out-of-band vulnerabilities and securing IoT devices.

Fei Chen,Duming Luo,Tao Xiang,Ping Chen,Junfeng Fan,Hong-Linh Truong

DOI: https://doi.org/10.1145/3447625

IF: 16.6

2022-01-01

ACM Computing Surveys

Abstract:Recent years have seen the rapid development and integration of the Internet of Things (IoT) and cloud computing. The market is providing various consumer-oriented smart IoT devices; the mainstream cloud service providers are building their software stacks to support IoT services. With this emerging trend even growing, the security of such smart IoT cloud systems has drawn much research attention in recent years. To better understand the emerging consumer-oriented smart IoT cloud systems for practical engineers and new researchers, this article presents a review of the most recent research efforts on existing, real, already deployed consumer-oriented IoT cloud applications in the past five years using typical case studies. Specifically, we first present a general model for the IoT cloud ecosystem. Then, using the model, we review and summarize recent, representative research works on emerging smart IoT cloud system security using 10 detailed case studies, with the aim that the case studies together provide insights into the insecurity of current emerging IoT cloud systems. We further present a systematic approach to conduct a security analysis for IoT cloud systems. Based on the proposed security analysis approach, we review and suggest potential security risk mitigation methods to protect IoT cloud systems. We also discuss future research challenges for the IoT cloud security area.

Wei Zhou,Yan Jia,Yao Yao,Lipeng Zhu,Le Guan,Yuhang Mao,Peng Liu,Yuqing Zhang

DOI: https://doi.org/10.48550/arXiv.1811.03241

2019-06-26

Abstract:A smart home connects tens of home devices to the Internet, where an IoT cloud runs various home automation applications. While bringing unprecedented convenience and accessibility, it also introduces various security hazards to users. Prior research studied smart home security from several aspects. However, we found that the complexity of the interactions among the participating entities (i.e., devices, IoT clouds, and mobile apps) has not yet been systematically investigated. In this work, we conducted an in-depth analysis of five widely-used smart home platforms. Combining firmware analysis, network traffic interception, and blackbox testing, we reverse-engineered the details of the interactions among the participating entities. Based on the details, we inferred three legitimate state transition diagrams for the three entities, respectively. Using these state machines as a reference model, we identified a set of unexpected state transitions. To confirm and trigger the unexpected state transitions, we implemented a set of phantom devices to mimic a real device. By instructing the phantom devices to intervene in the normal entity-entity interactions, we have discovered several new vulnerabilities and a spectrum of attacks against real-world smart home platforms.

Cryptography and Security,Networking and Internet Architecture

Jun Zhou,Zhenfu Cao,Xiaolei Dong,Athanasios V. Vasilakos

DOI: https://doi.org/10.1109/mcom.2017.1600363cm

IF: 9.03

2017-01-01

IEEE Communications Magazine

Abstract:The Internet of Things is increasingly becoming a ubiquitous computing service, requiring huge volumes of data storage and processing. Unfortunately, due to the unique characteristics of resource constraints, self-organization, and short-range communication in IoT, it always resorts to the cloud for outsourced storage and computation, which has brought about a series of new challenging security and privacy threats. In this article, we introduce the architecture and unique security and privacy requirements for the next generation mobile technologies on cloud-based IoT, identify the inappropriateness of most existing work, and address the challenging issues of secure packet forwarding and efficient privacy preserving authentication by proposing new efficient privacy preserving data aggregation without public key homomorphic encryption. Finally, several interesting open problems are suggested with promising ideas to trigger more research efforts in this emerging area.

Yan Jia,Luyi Xing,Yuhang Mao,Dongfang Zhao,XiaoFeng Wang,Shangru Zhao,Yuqing Zhang

DOI: https://doi.org/10.1109/sp40000.2020.00051

2020-01-01

Abstract:With the increasing popularity of the Internet of Things (IoT), many IoT cloud platforms have emerged to help the IoT manufacturers connect their devices to their users. Serving the device-user communication is general messaging protocol deployed on the platforms. Less clear, however, is whether such protocols, which are not designed to work in the adversarial environment of IoT, introduce new risks. In this paper, we report the first systematic study on the protection of major IoT clouds (e.g., AWS, Microsoft, IBM) put in place for the arguably most popular messaging protocol - MQTT. We found that these platforms' security additions to the protocol are all vulnerable, allowing the adversary to gain control of the device, launch a large-scale denial-of-service attack, steal the victim's secrets data and fake the victim's device status for deception. We successfully performed end-to-end attacks on these popular IoT clouds and further conducted a measurement study, which demonstrates that the security impacts of our attacks are real, severe and broad. We reported our findings to related parties, which all acknowledged the importance. We further propose new design principles and an enhanced access model MOUCON. We implemented our protection on a popular open-source MQTT server. Our evaluation shows its high effectiveness and negligible performance overhead.

Wei Wang,Peng Xu,Laurence Tianruo Yang

DOI: https://doi.org/10.1109/mcc.2018.111122026

2018-01-01

IEEE Cloud Computing

Abstract:The cloud-assisted Internet of Things (IoT) provides a promising solution to data booming problems for the ability constraints of individual objects. However, with the leverage of cloud, IoT faces new security challenges for data mutuality between two parties, which is introduced for the first time in this paper and not currently addressed by traditional approaches. We investigate a secure cloud-assisted IoT data managing method to protect data confidentiality when collecting, storing, and accessing IoT data while limiting to effects of IoT scalability. We further present numerical results to show that the method is practical.

Bin Yuan,Yan Jia,Luyi Xing,Dongfang Zhao,XiaoFeng Wang,Deqing Zou,Hai Jin,Yuqing Zhang

2020-01-01

Abstract:IoT clouds facilitate the communication between IoT devices and users, and authorize users' access to their devices. In this paradigm, an IoT device is usually managed under a particular IoT cloud designated by the device vendor, e.g., Philips bulbs are managed under Philips Hue cloud. Today's mainstream IoT clouds also support device access delegation across different vendors (e.g., Philips Hue, LIFX, etc.) and cloud providers (e.g., Google, IFTTT, etc.): for example, Philips Hue and SmartThings clouds support to delegate device access to another cloud such as Google Home, so a user can manage multiple devices from different vendors all through Google Home. Serving this purpose are the IoT delegation mechanisms developed and utilized by IoT clouds, which we found are heterogeneous and ad-hoc in the wild, in the absence of a standardized delegation protocol suited for IoT environments. In this paper, we report the first systematic study on real-world IoT access delegation, based upon a semi-automatic verification tool we developed. Our study brought to light the pervasiveness of security risks in these delegation mechanisms, allowing the adversary (e.g., Airbnb tenants, former employees) to gain unauthorized access to the victim's devices (e.g., smart locks) or impersonate the devices to trigger other devices. We confirmed the presence of critical security flaws in these mechanisms through end-to-end exploits on them, and further conducted a measurement study. Our research demonstrates the serious consequences of these exploits and the security implications of the practice today for building these mechanisms. We reported our findings to related parties, which acknowledged the problems. We further propose principles for developing more secure cross-cloud IoT delegation services, before a standardized solution can be widely deployed.

Ze Jin,Luyi Xing,Yiwei Fang,Yan Jia,Bin Yuan,Qixu Liu

DOI: https://doi.org/10.1145/3548606.3560680

2022-01-01

Abstract:ABSTRACTModern IoT device manufacturers are taking advantage of the managed Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) IoT clouds (e.g., AWS IoT, Azure IoT) for secure and convenient IoT development/deployment. The IoT access control is achieved by manufacturer-specified, cloud-enforced IoT access policies (cloud-standard JSON documents, called IoT Policies) stating which users can access which IoT devices/resources under what constraints. In this paper, we performed a systematic study on the security of cloud-based IoT access policies on modern PaaS/IaaS IoT clouds. Our research shows that the complexity in the IoT semantics and enforcement logic of the policies leaves tremendous space for device manufacturers to program a flawed IoT access policy, introducing convoluted logic flaws which are non-trivial to reason about. In addition to challenges/mistakes in the design space, it is astonishing to find that mainstream device manufacturers also generally make critical mistakes in deploying IoT Policies thanks to the flexibility offered by PaaS/IaaS clouds and the lack of standard practices for doing so. Our assessment of 36 device manufacturers and 310 open-source IoT projects highlights the pervasiveness and seriousness of the problems, which once exploited, can have serious impacts on IoT users' security, safety, and privacy. To help manufacturers identify and easily fix IoT Policy flaws, we introduce P-Verifier, a formal verification tool that can automatically verify cloud-based IoT Policies. With evaluated high effectiveness and low performance overhead, P-Verifier will contribute to elevating security assurance in modern IoT deployments and access control. We responsibly reported all findings to affected vendors and fixes were deployed or on the way.

Xin Su,Ziyu Wang,Xiaofeng Liu,Chang Choi,Dongmin Choi

DOI: https://doi.org/10.1155/2018/4296934

IF: 1.968

2018-01-01

Security and Communication Networks

Abstract:Including mobile environment, conventional security mechanisms have been adapted to satisfy the needs of users. However, the device environment-IoT-based number of connected devices is quite different to the previous traditional desktop PC-or mobile-based environment. Based on the IoT, different kinds of smart and mobile devices are fully connected automatically via device controller, such as smartphone. Therefore, controller must be secure compared to conventional security mechanism. According to the existing security threats, these are quite different from the previous ones. Thus, the countermeasures applied should be changed. However, the smart device-based authentication techniques that have been proposed to date are not adequate in terms of usability and security. From the viewpoint of usability, the environment is based on mobility, and thus devices are designed and developed to enhance their owners' efficiency. Thus, in all applications, there is a need to consider usability, even when the application is a security mechanism. Typically, mobility is emphasized over security. However, considering that the major characteristic of a device controller is deeply related to its owner's private information, a security technique that is robust to all kinds of attacks is mandatory. In this paper, we focus on security. First, in terms of security achievement, we investigate and categorize conventional attacks and emerging issues and then analyze conventional and existing countermeasures, respectively. Finally, as countermeasure concepts, we propose several representative methods.

Wei Zhou,Yan Jia,Yao Yao,Lipeng Zhu,Le Guan,Yuhang Mao,Peng Liu,Yuqing Zhang

2018-01-01

Abstract:Smart home connects tens of home devices into the Internet, running a smart algorithm in the cloud that sends remote commands to the devices. While bringing unprecedented convenience, accessibility, and efficiency, it also introduces safety hazards to users. Prior research studied smart home security from various aspects. However, we found that the complexity of the interactions among the participating entities (device, IoT cloud, and mobile app) has not yet been systematically investigated. In this work, we conducted an in-depth analysis to four widely used smart home solutions. Combining firmware reverse-engineering, network traffic interception, and black-box testing, we distill the general state transitions representing the complex interactions among the three entities. Based on the state machine, we reveal several vulnerabilities that lead to unexpected state transitions. While these minor security flaws appear to be irrelevant, we show that combining them in a surprising way poses serious security or privacy hazards to smart home users. To this end, five concrete attacks are constructed and illustrated. We also discuss the implications of the disclosed attacks in the context of business competition. Finally, we propose some general design suggestions for building a more secure smart home solution.

Giancarlo Fortino,Antonio Guerrieri,Pasquale Pace,Claudio Savaglio,Giandomenico Spezzano

DOI: https://doi.org/10.3390/s22062196

2022-03-11

Abstract:For simplifying and speeding up the development of the Internet of Things (IoT) ecosystem, there has been a proliferation of IoT platforms, built up according to different design principles, computing paradigms, technologies, and targets. This paper proposes a review of main examples populating the wide landscape of IoT platforms and their comparison based on the IoT-A reference architecture. In such a way, heterogeneous IoT platforms (both current and future) can be analyzed regardless of their low-level specifications but exclusively through the lens of those key functionalities and architectural building blocks that enable the interplay among devices, data flow, software, and stakeholders within the IoT ecosystem. Among these, security by design (i.e., the inclusion of security design principles, technology, and governance at every level) must be integrated into every tier, component, and application to minimize the risk of cyber threats and preserve the integrity of the IoT platforms, not only within individual components but also for all the components working together as a whole.

Hui Liu,Juanru Li,Dawu Gu

DOI: https://doi.org/10.1016/j.cose.2020.102000

IF: 5.105

2020-01-01

Computers & Security

Abstract:In recent years IoT platforms and smart-home systems have rapidly grown. Meanwhile, mobile apps have been widely accepted as user interfaces in these consumer IoTs, allowing users to retrieve processed data and issue specific commands. We notice that these companion apps are also used as gateways, providing Internet connectivity for resource-constrained devices, and its mobility advantage over static gateways further promotes applications of this kind. In this paper, we extracted this pattern into a new architecture called app-in-the-middle IoT. We provided a holistic view of what app-in-the-middle IoT is and introduced its attack surface by comparing it with two well-studied IoT architectures, which we refer to as cloud-in-the-middle IoT and trigger-action platform IoT. We detailed the similarities and differences between the three architectures, derived security goals of app-in-the-middle IoT, and drew the key to analyzing it from authentication, access control, and availability aspects. We adopted a method of building an abstract model and extracting the concept of token from the working process. To achieve security goals, the token needs to own these properties: mutual authentication, unforgeability, and resistance to replay attacks. We argue that the role the app plays is critical to the working process, which affects how the properties of the token are satisfied. During analysis, we find that the application scenarios significantly influence the role of the app. Therefore, we discussed the security of different situations separately. For each scenario, we indicated how the token should be generated and distributed to meet the security goals, and summarized several security rules. We analyzed several practical cases, which demonstrate that violating these rules can lead to severe consequences, such as unauthorized access, information leakage, irrevocable authorization, and device hijack.

Xinbo Ban,Ming Ding,Shigang Liu,Chao Chen,Jun Zhang

DOI: https://doi.org/10.1007/978-3-031-23020-2_15

2022-01-01

Abstract:The introduction of the Internet of Things (IoT) ecosystem into public and private sectors has markedly changed the way people live, work, and entertain through integrating the digital system with the physical world. However, the production of new scenarios and architectures in IoT ecosystems introduces previously unknown security threats due to the vulnerabilities in the IoT software. Since various vulnerabilities lead to unexpected consequences in different parts of the IoT ecosystem, we propose 'security domain' to categorize the origin of the threats properly, including 'physical device', 'operation rule', and 'communication'. The research community has conducted a significant amount of work in the area of vulnerability discovery by utilizing 'code intelligence', representing code analysis techniques based on different types of code. With the focus on the security domains, we review recent representative work published in the dominant time to investigate the emerging research. Also, we summarize the research methodology commonly adopted in this fast-growing area. In consonance with the phases of the research methodology, each paper that discovers IoT vulnerabilities is comprehensively studied. Challenges and future work in this area have been discussed as well.

Nan Zhang,Soteris Demetriou,Xianghang Mi,Wenrui Diao,Kan Yuan,Peiyuan Zong,Feng Qian,XiaoFeng Wang,Kai Chen,Yuan Tian,Carl A. Gunter,Kehuan Zhang,Patrick Tague,Yue-Hsun Lin

DOI: https://doi.org/10.48550/arXiv.1703.09809

2017-03-29

Abstract:Inspired by the boom of the consumer IoT market, many device manufacturers, start-up companies and technology giants have jumped into the space. Unfortunately, the exciting utility and rapid marketization of IoT, come at the expense of privacy and security. Industry reports and academic work have revealed many attacks on IoT systems, resulting in privacy leakage, property loss and large-scale availability problems. To mitigate such threats, a few solutions have been proposed. However, it is still less clear what are the impacts they can have on the IoT ecosystem. In this work, we aim to perform a comprehensive study on reported attacks and defenses in the realm of IoT aiming to find out what we know, where the current studies fall short and how to move forward. To this end, we first build a toolkit that searches through massive amount of online data using semantic analysis to identify over 3000 IoT-related articles. Further, by clustering such collected data using machine learning technologies, we are able to compare academic views with the findings from industry and other sources, in an attempt to understand the gaps between them, the trend of the IoT security risks and new problems that need further attention. We systemize this process, by proposing a taxonomy for the IoT ecosystem and organizing IoT security into five problem areas. We use this taxonomy as a beacon to assess each IoT work across a number of properties we define. Our assessment reveals that relevant security and privacy problems are far from solved. We discuss how each proposed solution can be applied to a problem area and highlight their strengths, assumptions and constraints. We stress the need for a security framework for IoT vendors and discuss the trend of shifting security liability to external or centralized entities. We also identify open research problems and provide suggestions towards a secure IoT ecosystem.

Cryptography and Security

Miao Yu,Jianwei Zhuge,Ming Cao,Zhiwei Shi,Lin Jiang

DOI: https://doi.org/10.3390/fi12020027

2020-01-01

Future Internet

Abstract:With the prosperity of the Internet of Things (IoT) industry environment, the variety and quantity of IoT devices have grown rapidly. IoT devices have been widely used in smart homes, smart wear, smart manufacturing, smart cars, smart medical care, and many other life-related fields. With it, security vulnerabilities of IoT devices are emerging endlessly. The proliferation of security vulnerabilities will bring severe risks to users’ privacy and property. This paper first describes the research background, including IoT architecture, device components, and attack surfaces. We review state-of-the-art research on IoT device vulnerability discovery, detection, mitigation, and other related works. Then, we point out the current challenges and opportunities by evaluation. Finally, we forecast and discuss the research directions on vulnerability analysis techniques of IoT devices.

Fan Wu,Xiong Li,Lili Xu,Arun Kumar Sangaiah,Joel J. P. C. Rodrigues

DOI: https://doi.org/10.1109/mce.2018.2851744

2018-01-01

IEEE Consumer Electronics Magazine

Abstract:As a popular conception, the Internet of Things (IoT) allows people to access more and more data around the world. However, a concern arises of how to store the large amount of data created through this technology. To solve the problem, cloud computing services are brought in as a critical technology. However, it is necessary to guard the private information that is collected via IoT devices and s...

Quanyan Zhu,Stefan Rass,Peter Schartner

DOI: https://doi.org/10.48550/arXiv.1810.00281

2018-09-30

Abstract:With more and more devices becoming connectable to the internet, the number of services but also a lot of threats increases dramatically. Security is often a secondary matter behind functionality and comfort, but the problem has already been recognized. Still, with many IoT devices being deployed already, security will come step-by-step and through updates, patches and new versions of apps and IoT software. While these updates can be safely retrieved from app stores, the problems kick in via jailbroken devices and with the variety of untrusted sources arising on the internet. Since hacking is typically a community effort? these days, security could be a community goal too. The challenges are manifold, and one reason for weak or absent security on IoT devices is their weak computational power. In this chapter, we discuss a community based security mechanism in which devices mutually aid each other in secure software management. We discuss game-theoretic methods of community formation and light-weight cryptographic means to accomplish authentic software deployment inside the IoT device community.

Computers and Society,Cryptography and Security

Jianwei Hou,Leilei Qu,Wenchang Shi

DOI: https://doi.org/10.1016/j.comnet.2018.11.026

IF: 5.493

2018-01-01

Computer Networks

Abstract:As the Internet of Things (IoT) sees an increasing use in the society, the security challenge it faces is becoming more and more severe. Data collected and shared in the IoT plays an important role in the significance of the IoT. Observing from a data perspective may be of great help in understanding IoT security. Though a number of surveys on IoT security have been out there, none of them is from such a perspective. To fill the gap, this paper investigates IoT security from data perspectives. Combining the concept of typical IoT architectures with data life cycles, the paper proposes a three-dimensional approach to exploring IoT security, i.e., with the one-stop, multi-stop and end-application dimensions. The one-stop dimension explores IoT security by observing data on an IoT device, the multi-stop dimension by observing data among a group of IoT entities, and the end-application dimension by observing data used in IoT applications. While data may flow from IoT end-point devices through the Internet to a cloud or vice versa, the most demanding IoT-specific issues are in the space from IoT end-point devices to the border of the Internet, therefore the paper focuses on this space. The one-stop dimension discusses IoT security with respect to data that may flow from and to an end-point device. The multi-stop dimension works from the angle of data among a group of IoT entities, concerning secure communication, authentication and access control. The end-application dimension acts from the viewpoint of data usage in IoT applications, covering privacy, forensics, and social or legal challenges of the entire system. The paper makes an in-depth analysis of the latest development in IoT security by observing from data perspectives, summarizing open issues and suggesting promising directions for further research and applications of IoT security.

Zhen Ling,Kaizheng Liu,Yiling Xu,Chao Gao,Yier Jin,Cliff Zou,Xinwen Fu,Wei Zhao

DOI: https://doi.org/10.48550/arXiv.1805.05853

2018-05-15

Abstract:In this paper, we present an end-to-end view of IoT security and privacy and a case study. Our contribution is three-fold. First, we present our end-to-end view of an IoT system and this view can guide risk assessment and design of an IoT system. We identify 10 basic IoT functionalities that are related to security and privacy. Based on this view, we systematically present security and privacy requirements in terms of IoT system, software, networking and big data analytics in the cloud. Second, using the end-to-end view of IoT security and privacy, we present a vulnerability analysis of the Edimax IP camera system. We are the first to exploit this system and have identified various attacks that can fully control all the cameras from the manufacturer. Our real-world experiments demonstrate the effectiveness of the discovered attacks and raise the alarms again for the IoT manufacturers. Third, such vulnerabilities found in the exploit of Edimax cameras and our previous exploit of Edimax smartplugs can lead to another wave of Mirai attacks, which can be either botnets or worm attacks. To systematically understand the damage of the Mirai malware, we model propagation of the Mirai and use the simulations to validate the modeling. The work in this paper raises the alarm again for the IoT device manufacturers to better secure their products in order to prevent malware attacks like Mirai.

Cryptography and Security

Behrouz Zolfaghari,Abbas Yazdinejad,Ali Dehghantanha,Jacob Krzciok,Khodakhast Bibak

DOI: https://doi.org/10.48550/arXiv.2207.01590

2022-10-25

Abstract:In recent years, the existence of a significant cross-impact between Cloud computing and Internet of Things (IoT) has lead to a dichotomy that gives raise to Cloud-Assisted IoT (CAIoT) and IoT-Based Cloud (IoTBC). Although it is pertinent to study both technologies, this paper focuses on CAIoT, and especially its security issues, which are inherited from both Cloud computing and IoT. This study starts with reviewing existing relevant surveys, noting their shortcomings, which motivate a comprehensive survey in this area. We proceed to highlight existing approaches towards the design of Secure CAIoT (SCAIoT) along with related security challenges and controls. We develop a layered architecture for SCAIoT. Furthermore, we take a look at what the future may hold for SCAIoT with a focus on the role of Artificial Intelligence(AI).

Cryptography and Security