Automated Security Audit Testbed For IP-Based IoT Devices Without Physical Access

被引：1

作者：

Kumar, Ashutosh ^{[1
]}

Peshvani, Brijesh ^{[1
]}

Venkatesan, S. ^{[1
]}

Kumar, Manish ^{[1
]}

Yadav, Suneel ^{[1
]}

Shukla, Sandeep Kumar ^{[2
]}

机构：

[1] Indian Inst Informat Technol Allahabad, Dept Informat Technol, Allahabad, Uttar Pradesh, India

[2] Indian Inst Technol Kanpur, Dept Comp Sci & Engn, Kanpur, Uttar Pradesh, India

来源：

2023 10TH INTERNATIONAL CONFERENCE ON INTERNET OF THINGS: SYSTEMS, MANAGEMENT AND SECURITY, IOTSMS | 2023年

关键词：

IoT; Security Testbed; Penetration Testing; Reconnaissance; Device Security; INTERNET; FRAMEWORK;

D O I：

10.1109/IOTSMS59855.2023.10325768

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

The need for the Internet of Things (IoT) is increasing, and various manufacturers produce devices to cater to the demand. The manufacturers produce the device by considering the performance and cost but do not concentrate on security. Hence, security auditing of the device is required before or while using it in a real-time environment. This paper proposes a security audit testbed to test the security of IoT devices from protocol to the application perspective without accessing the device physically. The proposed testbed includes reconnaissance and penetration testing to identify the vulnerability of the devices. The audit results of multiple IoT devices are presented to show the impact of the proposed testbed in identifying the vulnerabilities. The comparison of security audit testbeds shows that the proposed testbed has more coverage to provide better audit results than others.

引用

页码：96 / 103

页数：8

共 50 条

[21] An IP-Based Triggering Method for LTE MTC Devices
Starsinic, Michael
Mohamed, Ahmed S. Ibrahim
Lu, Guang
Seed, Dale
Aghili, Behrouz
Wang, Chonggang
Palanisamy, Suresh
Murthy, Prashanth
2015 Wireless Telecommunications Symposium (WTS), 2015,
[22] IP-based mobility management for heterogeneous wireless access
Einsiedler, H. J.
von Hugo, D.
ADVANCES IN RADIO SCIENCE, 2012, 10 : 319 - 325
[23] Optical access architecture for delivering IP-based services
Lightwave, 2000, 17 (07):
[24] The LEO satellite IP-based network without ISLs
Liu, G
Gou, DY
Wu, SQ
PIMRC 2003: 14TH IEEE 2003 INTERNATIONAL SYMPOSIUM ON PERSONAL, INDOOR AND MOBILE RADIO COMMUNICATIONS PROCEEDINGS, VOLS 1-3 2003, 2003, : 415 - 419
[25] A License Audit Model for Secure DRM Systems in IP-based Environments
Jang, Ui Jin
Lim, Hyung-Min
Shin, Yong-Tae
JOURNAL OF INFORMATION PROCESSING SYSTEMS, 2010, 6 (02): : 253 - 260
[26] Security and IP-based 3G wireless networks
La Porta, TF
ICCCN 2005: 14th International Conference on Computer Communications and Networks, Proceedings, 2005, : 211 - 211
[27] Security risks in introduction of IP-based mobile wireless systems
Michiwaki, S.
CIGRE Session 46, 2016, 2016-August
[28] Network security considerations in TCP/IP-based manufacturing automation
DePriest, MS
ISA TRANSACTIONS, 1997, 36 (01) : 37 - 48
[29] Security analysis for IP-based government emergency telephony service
Cao, Feng
Malik, Saadat
FIRST INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, PROCEEDINGS, 2006, : 496 - +
[30] Towards a Security Architecture for IP-Based Optical Transmission Systems
Hofmann, Stefan
Kasseckert, Rudolf
BELL LABS TECHNICAL JOURNAL, 2011, 16 (01) : 133 - 153

← 1 2 3 4 5 →