Analysis on IOT security

Abstract

The Internet of Things is currently present in almost every aspect of our lives. As a result of this security becomes paramount to its continued success. Over the past several months we have worked to develop a system for exploiting Internet of Things devices after coming to the conclusion that the current state of the Internet of Things is lacking. The exploitation techniques utilized against these devices range from simple DOS attacks to reverse engineering applications in order to get obtain credentials or exploit pre-existing libraries. Each of the exploits discussed within the methodology unless specified was developed as a result of an exploit utilized in the security lab where participants could partake in exploiting Internet of Things devices. The development process of the framework was primarily done by first teaching security basics to the participants. The participants then would then utilize the techniques they were taught. Some techniques were incredibly successful due to their simplicity while other much more complex techniques were unable to be fully utilized. In general, the simpler the technique the more success participants had with the result and the more likely they were to utilize the technique. Incredibly complex techniques r that would take hours to implement tended to fail due to either the time permitted in the lab or the knowledge level of the participants. The necessity of this framework became more apparent after research expanded the application of the Internet of Things to include life critical systems such as pacemakers and automobiles. A very grim picture of the current state of IOT became more apparent as researchers have looked into solutions to minimize damage rather than prevent it. The usage of this exploitation framework is not intended to be malicious rather the hope is that the framework is utilized in order to perform testing on Internet of Things devices before they are inevitably released to the public. It is also planned that the framework will continue to grow and expand before it is utilized more extensively on additional commercial products.The Internet of Things is currently present in almost every aspect of our lives. As a result of this security becomes paramount to its continued success. Over the past several months we have worked to develop a system for exploiting Internet of Things devices after coming to the conclusion that the current state of the Internet of Things is lacking. The exploitation techniques utilized against these devices range from simple DOS attacks to reverse engineering applications in order to get obtain credentials or exploit pre-existing libraries. Each of the exploits discussed within the methodology unless specified was developed as a result of an exploit utilized in the security lab where participants could partake in exploiting Internet of Things devices. The development process of the framework was primarily done by first teaching security basics to the participants. The participants then would then utilize the techniques they were taught. Some techniques were incredibly successful due to their simplicity while other much more complex techniques were unable to be fully utilized. In general, the simpler the technique the more success participants had with the result and the more likely they were to utilize the technique. Incredibly complex techniques r that would take hours to implement tended to fail due to either the time permitted in the lab or the knowledge level of the participants. The necessity of this framework became more apparent after research expanded the application of the Internet of Things to include life critical systems such as pacemakers and automobiles. A very grim picture of the current state of IOT became more apparent as researchers have looked into solutions to minimize damage rather than prevent it. The usage of this exploitation framework is not intended to be malicious rather the hope is that the framework is utilized in order to perform testing on Internet of Things devices before they are inevitably released to the public. It is also planned that the framework will continue to grow and expand before it is utilized more extensively on additional commercial products.The Internet of Things is currently present in almost every aspect of our lives. As a result of this security becomes paramount to its continued success. Over the past several months we have worked to develop a system for exploiting Internet of Things devices after coming to the conclusion that the current state of the Internet of Things is lacking. The exploitation techniques utilized against these devices range from simple DOS attacks to reverse engineering applications in order to get obtain credentials or exploit pre-existing libraries. Each of the exploits discussed within the methodology unless specified was developed as a result of an exploit utilized in the security lab where participants could partake in exploiting Internet of Things devices. The development process of the framework was primarily done by first teaching security basics to the participants. The participants then would then utilize the techniques they were taught. Some techniques were incredibly successful due to their simplicity while other much more complex techniques were unable to be fully utilized. In general, the simpler the technique the more success participants had with the result and the more likely they were to utilize the technique. Incredibly complex techniques r that would take hours to implement tended to fail due to either the time permitted in the lab or the knowledge level of the participants. The necessity of this framework became more apparent after research expanded the application of the Internet of Things to include life critical systems such as pacemakers and automobiles. A very grim picture of the current state of IOT became more apparent as researchers have looked into solutions to minimize damage rather than prevent it. The usage of this exploitation framework is not intended to be malicious rather the hope is that the framework is utilized in order to perform testing on Internet of Things devices before they are inevitably released to the public. It is also planned that the framework will continue to grow and expand before it is utilized more extensively on additional commercial products.