Automated Security Audit Testbed For IP-Based IoT Devices Without Physical Access

被引:1
|
作者
Kumar, Ashutosh [1 ]
Peshvani, Brijesh [1 ]
Venkatesan, S. [1 ]
Kumar, Manish [1 ]
Yadav, Suneel [1 ]
Shukla, Sandeep Kumar [2 ]
机构
[1] Indian Inst Informat Technol Allahabad, Dept Informat Technol, Allahabad, Uttar Pradesh, India
[2] Indian Inst Technol Kanpur, Dept Comp Sci & Engn, Kanpur, Uttar Pradesh, India
来源
2023 10TH INTERNATIONAL CONFERENCE ON INTERNET OF THINGS: SYSTEMS, MANAGEMENT AND SECURITY, IOTSMS | 2023年
关键词
IoT; Security Testbed; Penetration Testing; Reconnaissance; Device Security; INTERNET; FRAMEWORK;
D O I
10.1109/IOTSMS59855.2023.10325768
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
The need for the Internet of Things (IoT) is increasing, and various manufacturers produce devices to cater to the demand. The manufacturers produce the device by considering the performance and cost but do not concentrate on security. Hence, security auditing of the device is required before or while using it in a real-time environment. This paper proposes a security audit testbed to test the security of IoT devices from protocol to the application perspective without accessing the device physically. The proposed testbed includes reconnaissance and penetration testing to identify the vulnerability of the devices. The audit results of multiple IoT devices are presented to show the impact of the proposed testbed in identifying the vulnerabilities. The comparison of security audit testbeds shows that the proposed testbed has more coverage to provide better audit results than others.
引用
收藏
页码:96 / 103
页数:8
相关论文
共 50 条
  • [1] Security Analysis of Device Binding for IP-based IoT Devices
    Chen, Jiongyi
    Sun, Menghan
    Zhang, Kehuan
    2019 IEEE INTERNATIONAL CONFERENCE ON PERVASIVE COMPUTING AND COMMUNICATIONS WORKSHOPS (PERCOM WORKSHOPS), 2019, : 900 - 905
  • [2] IP-based Testbed for Herd Monitoring
    Schoofs, Anthony
    Daymand, Charles
    Sugar, Robert
    Mueller, Ulrich
    Lachenmann, Andreas
    Kamran, Syed M.
    Gefflaut, Alain
    Thiem, Lasse
    Schuster, Mario
    2009 INTERNATIONAL CONFERENCE ON INFORMATION PROCESSING IN SENSOR NETWORKS (IPSN 2009), 2009, : 365 - 366
  • [3] AVAIN - a Framework for Automated Vulnerability Indication for the IoT in IP-based Networks
    Egert, Rolf
    Grube, Tim
    Born, Dustin
    Muehlhaeuser, Max
    PROCEEDINGS OF THE 2019 INTERNATIONAL CONFERENCE ON NETWORKED SYSTEMS (NETSYS 2019), 2019, : 99 - 101
  • [4] Design and implementation of automated IoT security testbed
    Abu Waraga, Omnia
    Bettayeb, Meriem
    Nasir, Qassim
    Abu Talib, Manar
    COMPUTERS & SECURITY, 2020, 88 (88)
  • [5] A Testbed for Security and Privacy Analysis of IoT Devices
    Tekeoglu, Ali
    Tosun, Ali Saman
    PROCEEDINGS 2016 IEEE 13TH INTERNATIONAL CONFERENCE ON MOBILE AD HOC AND SENSOR SYSTEMS (MASS 2016), 2016, : 343 - 348
  • [6] IP-Based IoT Device Detection
    Guo, Hang
    Heidemann, John
    PROCEEDINGS OF THE 2018 WORKSHOP ON IOT SECURITY AND PRIVACY (IOT S&P '18), 2018, : 36 - 42
  • [7] Automated Hardware Auditing Testbed for UART and SPI based IoT Devices
    Mishra, Shivam
    Ray, Aditya
    Singh, Manpreet
    Venkatesan, S.
    Anand, Anshu S.
    2023 10TH INTERNATIONAL CONFERENCE ON INTERNET OF THINGS: SYSTEMS, MANAGEMENT AND SECURITY, IOTSMS, 2023, : 75 - 82
  • [8] Expand security for IP-based threats
    Graydon, Andrew
    COMMUNICATIONS NEWS, 2008, 45 (04): : 36 - +
  • [9] Advanced Security Testbed Framework for Wearable IoT Devices
    Siboni, Shachar
    Shabtai, Asaf
    Tippenhauer, Nils O.
    Lee, Jemin
    Elovici, Yuval
    ACM TRANSACTIONS ON INTERNET TECHNOLOGY, 2016, 16 (04)
  • [10] On the security of security extensions for IP-based KNX networks
    Judmayer, Aljosha
    Krammer, Lukas
    Kastner, Wolfgang
    PROCEEDINGS OF 2014 10TH IEEE WORKSHOP ON FACTORY COMMUNICATION SYSTEMS (WFCS 2014), 2014,
12345