Abstract:
The Internet of Things is currently present in almost every aspect of our lives. As a result of this
security becomes paramount to its continued success. Over the past several months we have
worked to develop a system for exploiting Internet of Things devices after coming to the
conclusion that the current state of the Internet of Things is lacking. The exploitation techniques
utilized against these devices range from simple DOS attacks to reverse engineering applications
in order to get obtain credentials or exploit pre-existing libraries. Each of the exploits discussed
within the methodology unless specified was developed as a result of an exploit utilized in the
security lab where participants could partake in exploiting Internet of Things devices.
The development process of the framework was primarily done by first teaching security basics
to the participants. The participants then would then utilize the techniques they were taught.
Some techniques were incredibly successful due to their simplicity while other much more
complex techniques were unable to be fully utilized. In general, the simpler the technique the
more success participants had with the result and the more likely they were to utilize the
technique. Incredibly complex techniques r that would take hours to implement tended to fail
due to either the time permitted in the lab or the knowledge level of the participants.
The necessity of this framework became more apparent after research expanded the application
of the Internet of Things to include life critical systems such as pacemakers and automobiles. A
very grim picture of the current state of IOT became more apparent as researchers have looked
into solutions to minimize damage rather than prevent it.
The usage of this exploitation framework is not intended to be malicious rather the hope is that
the framework is utilized in order to perform testing on Internet of Things devices before they
are inevitably released to the public. It is also planned that the framework will continue to grow
and expand before it is utilized more extensively on additional commercial products.The Internet of Things is currently present in almost every aspect of our lives. As a result of this
security becomes paramount to its continued success. Over the past several months we have
worked to develop a system for exploiting Internet of Things devices after coming to the
conclusion that the current state of the Internet of Things is lacking. The exploitation techniques
utilized against these devices range from simple DOS attacks to reverse engineering applications
in order to get obtain credentials or exploit pre-existing libraries. Each of the exploits discussed
within the methodology unless specified was developed as a result of an exploit utilized in the
security lab where participants could partake in exploiting Internet of Things devices.
The development process of the framework was primarily done by first teaching security basics
to the participants. The participants then would then utilize the techniques they were taught.
Some techniques were incredibly successful due to their simplicity while other much more
complex techniques were unable to be fully utilized. In general, the simpler the technique the
more success participants had with the result and the more likely they were to utilize the
technique. Incredibly complex techniques r that would take hours to implement tended to fail
due to either the time permitted in the lab or the knowledge level of the participants.
The necessity of this framework became more apparent after research expanded the application
of the Internet of Things to include life critical systems such as pacemakers and automobiles. A
very grim picture of the current state of IOT became more apparent as researchers have looked
into solutions to minimize damage rather than prevent it.
The usage of this exploitation framework is not intended to be malicious rather the hope is that
the framework is utilized in order to perform testing on Internet of Things devices before they
are inevitably released to the public. It is also planned that the framework will continue to grow
and expand before it is utilized more extensively on additional commercial products.The Internet of Things is currently present in almost every aspect of our lives. As a result of this
security becomes paramount to its continued success. Over the past several months we have
worked to develop a system for exploiting Internet of Things devices after coming to the
conclusion that the current state of the Internet of Things is lacking. The exploitation techniques
utilized against these devices range from simple DOS attacks to reverse engineering applications
in order to get obtain credentials or exploit pre-existing libraries. Each of the exploits discussed
within the methodology unless specified was developed as a result of an exploit utilized in the
security lab where participants could partake in exploiting Internet of Things devices.
The development process of the framework was primarily done by first teaching security basics
to the participants. The participants then would then utilize the techniques they were taught.
Some techniques were incredibly successful due to their simplicity while other much more
complex techniques were unable to be fully utilized. In general, the simpler the technique the
more success participants had with the result and the more likely they were to utilize the
technique. Incredibly complex techniques r that would take hours to implement tended to fail
due to either the time permitted in the lab or the knowledge level of the participants.
The necessity of this framework became more apparent after research expanded the application
of the Internet of Things to include life critical systems such as pacemakers and automobiles. A
very grim picture of the current state of IOT became more apparent as researchers have looked
into solutions to minimize damage rather than prevent it.
The usage of this exploitation framework is not intended to be malicious rather the hope is that
the framework is utilized in order to perform testing on Internet of Things devices before they
are inevitably released to the public. It is also planned that the framework will continue to grow
and expand before it is utilized more extensively on additional commercial products.