Toward Automatically Connecting IoT Devices with Vulnerabilities in the Wild

Toward Automatically Connecting IoT Devices with Vulnerabilities in the Wild

With the increasing number of Internet of Things (IoT) devices connected to the internet, the industry and research community have become increasingly concerned about their security impact. Adversaries or hackers often exploit public security flaws to compromise IoT devices and launch cyber attacks....

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:ACM transactions on sensor networks 2023-10, Vol.20 (1), p.1-26, Article 6
Hauptverfasser: Song, Jinke, Wan, Shangfeng, Huang, Min, Liu, Jiqiang, Sun, Limin, Li, Qiang
Format: Artikel
Sprache:eng
Schlagworte:
Network security
Security and privacy
Vulnerability management
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 26
container_issue 1
container_start_page 1
container_title ACM transactions on sensor networks
container_volume 20
creator Song, Jinke
Wan, Shangfeng
Huang, Min
Liu, Jiqiang
Sun, Limin
Li, Qiang
description With the increasing number of Internet of Things (IoT) devices connected to the internet, the industry and research community have become increasingly concerned about their security impact. Adversaries or hackers often exploit public security flaws to compromise IoT devices and launch cyber attacks. However, despite this growing concern, little effort has been made to investigate the detection of IoT devices and their underlying risks. To address this gap, this article proposes to automatically establish relationships between IoT devices and their vulnerabilities in the wild. Specifically, we construct a deep neural network (DNN) to extract semantic information from IoT packets and generate fine-grained fingerprints of IoT devices. This enables us to annotate IoT devices in cyberspace, including their device type, vendor, and product information. We collect vulnerability reports from various security sources and extract IoT device information from these reports to automatically match vulnerabilities with the fingerprints of IoT devices. We implemented a prototype system and conducted extensive experiments to validate the effectiveness of our approach. The results show that our DNN model achieved a 98% precision rate and a 95% recall rate in IoT device fingerprinting. Furthermore, we collected and analyzed over 13,063 IoT-related vulnerability reports and our method automatically built 5,458 connections between IoT device fingerprints and their vulnerabilities. These findings shed light on the ongoing threat of cyber-attacks on IoT systems as both IoT devices and disclosed vulnerabilities are targets for malicious attackers.
doi_str_mv 10.1145/3608951
format Article
fullrecord <record><control><sourceid>acm_cross</sourceid><recordid>TN_cdi_crossref_primary_10_1145_3608951</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>3608951</sourcerecordid><originalsourceid>FETCH-LOGICAL-a239t-2f8ee384c944cefb28dc1a2b6140be5423d09a5450a152b134fab514911f862c3</originalsourceid><addsrcrecordid>eNo9kD1PwzAYhC0EEqUgdiZvTAG__gjOWBUKlSKxBBgj27GpkZMg26Xqv6eopdOd7h7dcAhdA7kD4OKelURWAk7QBIQgBZflw-nRi-ocXaT0RQhjnJEJqptxo2KHZ-s89ip7o0LY4vk4DNZkP3zi5djgR_vjjU144_MKv6_DYKPSPvjsd6EfcF5Z_OFDd4nOnArJXh10it4WT838pahfn5fzWV0oyqpcUCetZZKbinNjnaayM6CoLoETbQWnrCOVElwQBYJqYNwpLYBXAE6W1LAput3vmjimFK1rv6PvVdy2QNq_E9rDCTvyZk8q0x-h__IXkYRWZQ</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Toward Automatically Connecting IoT Devices with Vulnerabilities in the Wild</title><source>ACM Digital Library Complete</source><creator>Song, Jinke ; Wan, Shangfeng ; Huang, Min ; Liu, Jiqiang ; Sun, Limin ; Li, Qiang</creator><creatorcontrib>Song, Jinke ; Wan, Shangfeng ; Huang, Min ; Liu, Jiqiang ; Sun, Limin ; Li, Qiang</creatorcontrib><description>With the increasing number of Internet of Things (IoT) devices connected to the internet, the industry and research community have become increasingly concerned about their security impact. Adversaries or hackers often exploit public security flaws to compromise IoT devices and launch cyber attacks. However, despite this growing concern, little effort has been made to investigate the detection of IoT devices and their underlying risks. To address this gap, this article proposes to automatically establish relationships between IoT devices and their vulnerabilities in the wild. Specifically, we construct a deep neural network (DNN) to extract semantic information from IoT packets and generate fine-grained fingerprints of IoT devices. This enables us to annotate IoT devices in cyberspace, including their device type, vendor, and product information. We collect vulnerability reports from various security sources and extract IoT device information from these reports to automatically match vulnerabilities with the fingerprints of IoT devices. We implemented a prototype system and conducted extensive experiments to validate the effectiveness of our approach. The results show that our DNN model achieved a 98% precision rate and a 95% recall rate in IoT device fingerprinting. Furthermore, we collected and analyzed over 13,063 IoT-related vulnerability reports and our method automatically built 5,458 connections between IoT device fingerprints and their vulnerabilities. These findings shed light on the ongoing threat of cyber-attacks on IoT systems as both IoT devices and disclosed vulnerabilities are targets for malicious attackers.</description><identifier>ISSN: 1550-4859</identifier><identifier>EISSN: 1550-4867</identifier><identifier>DOI: 10.1145/3608951</identifier><language>eng</language><publisher>New York, NY: ACM</publisher><subject>Network security ; Security and privacy ; Vulnerability management</subject><ispartof>ACM transactions on sensor networks, 2023-10, Vol.20 (1), p.1-26, Article 6</ispartof><rights>Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-a239t-2f8ee384c944cefb28dc1a2b6140be5423d09a5450a152b134fab514911f862c3</cites><orcidid>0009-0003-4319-9304 ; 0000-0001-9833-2836 ; 0000-0003-3758-409X ; 0000-0003-2745-7521 ; 0000-0003-1147-4327 ; 0000-0003-1458-9410</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://dl.acm.org/doi/pdf/10.1145/3608951$$EPDF$$P50$$Gacm$$H</linktopdf><link.rule.ids>314,780,784,2282,27924,27925,40196,76228</link.rule.ids></links><search><creatorcontrib>Song, Jinke</creatorcontrib><creatorcontrib>Wan, Shangfeng</creatorcontrib><creatorcontrib>Huang, Min</creatorcontrib><creatorcontrib>Liu, Jiqiang</creatorcontrib><creatorcontrib>Sun, Limin</creatorcontrib><creatorcontrib>Li, Qiang</creatorcontrib><title>Toward Automatically Connecting IoT Devices with Vulnerabilities in the Wild</title><title>ACM transactions on sensor networks</title><addtitle>ACM TOSN</addtitle><description>With the increasing number of Internet of Things (IoT) devices connected to the internet, the industry and research community have become increasingly concerned about their security impact. Adversaries or hackers often exploit public security flaws to compromise IoT devices and launch cyber attacks. However, despite this growing concern, little effort has been made to investigate the detection of IoT devices and their underlying risks. To address this gap, this article proposes to automatically establish relationships between IoT devices and their vulnerabilities in the wild. Specifically, we construct a deep neural network (DNN) to extract semantic information from IoT packets and generate fine-grained fingerprints of IoT devices. This enables us to annotate IoT devices in cyberspace, including their device type, vendor, and product information. We collect vulnerability reports from various security sources and extract IoT device information from these reports to automatically match vulnerabilities with the fingerprints of IoT devices. We implemented a prototype system and conducted extensive experiments to validate the effectiveness of our approach. The results show that our DNN model achieved a 98% precision rate and a 95% recall rate in IoT device fingerprinting. Furthermore, we collected and analyzed over 13,063 IoT-related vulnerability reports and our method automatically built 5,458 connections between IoT device fingerprints and their vulnerabilities. These findings shed light on the ongoing threat of cyber-attacks on IoT systems as both IoT devices and disclosed vulnerabilities are targets for malicious attackers.</description><subject>Network security</subject><subject>Security and privacy</subject><subject>Vulnerability management</subject><issn>1550-4859</issn><issn>1550-4867</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2023</creationdate><recordtype>article</recordtype><recordid>eNo9kD1PwzAYhC0EEqUgdiZvTAG__gjOWBUKlSKxBBgj27GpkZMg26Xqv6eopdOd7h7dcAhdA7kD4OKelURWAk7QBIQgBZflw-nRi-ocXaT0RQhjnJEJqptxo2KHZ-s89ip7o0LY4vk4DNZkP3zi5djgR_vjjU144_MKv6_DYKPSPvjsd6EfcF5Z_OFDd4nOnArJXh10it4WT838pahfn5fzWV0oyqpcUCetZZKbinNjnaayM6CoLoETbQWnrCOVElwQBYJqYNwpLYBXAE6W1LAput3vmjimFK1rv6PvVdy2QNq_E9rDCTvyZk8q0x-h__IXkYRWZQ</recordid><startdate>20231019</startdate><enddate>20231019</enddate><creator>Song, Jinke</creator><creator>Wan, Shangfeng</creator><creator>Huang, Min</creator><creator>Liu, Jiqiang</creator><creator>Sun, Limin</creator><creator>Li, Qiang</creator><general>ACM</general><scope>AAYXX</scope><scope>CITATION</scope><orcidid>https://orcid.org/0009-0003-4319-9304</orcidid><orcidid>https://orcid.org/0000-0001-9833-2836</orcidid><orcidid>https://orcid.org/0000-0003-3758-409X</orcidid><orcidid>https://orcid.org/0000-0003-2745-7521</orcidid><orcidid>https://orcid.org/0000-0003-1147-4327</orcidid><orcidid>https://orcid.org/0000-0003-1458-9410</orcidid></search><sort><creationdate>20231019</creationdate><title>Toward Automatically Connecting IoT Devices with Vulnerabilities in the Wild</title><author>Song, Jinke ; Wan, Shangfeng ; Huang, Min ; Liu, Jiqiang ; Sun, Limin ; Li, Qiang</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a239t-2f8ee384c944cefb28dc1a2b6140be5423d09a5450a152b134fab514911f862c3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Network security</topic><topic>Security and privacy</topic><topic>Vulnerability management</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Song, Jinke</creatorcontrib><creatorcontrib>Wan, Shangfeng</creatorcontrib><creatorcontrib>Huang, Min</creatorcontrib><creatorcontrib>Liu, Jiqiang</creatorcontrib><creatorcontrib>Sun, Limin</creatorcontrib><creatorcontrib>Li, Qiang</creatorcontrib><collection>CrossRef</collection><jtitle>ACM transactions on sensor networks</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Song, Jinke</au><au>Wan, Shangfeng</au><au>Huang, Min</au><au>Liu, Jiqiang</au><au>Sun, Limin</au><au>Li, Qiang</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Toward Automatically Connecting IoT Devices with Vulnerabilities in the Wild</atitle><jtitle>ACM transactions on sensor networks</jtitle><stitle>ACM TOSN</stitle><date>2023-10-19</date><risdate>2023</risdate><volume>20</volume><issue>1</issue><spage>1</spage><epage>26</epage><pages>1-26</pages><artnum>6</artnum><issn>1550-4859</issn><eissn>1550-4867</eissn><abstract>With the increasing number of Internet of Things (IoT) devices connected to the internet, the industry and research community have become increasingly concerned about their security impact. Adversaries or hackers often exploit public security flaws to compromise IoT devices and launch cyber attacks. However, despite this growing concern, little effort has been made to investigate the detection of IoT devices and their underlying risks. To address this gap, this article proposes to automatically establish relationships between IoT devices and their vulnerabilities in the wild. Specifically, we construct a deep neural network (DNN) to extract semantic information from IoT packets and generate fine-grained fingerprints of IoT devices. This enables us to annotate IoT devices in cyberspace, including their device type, vendor, and product information. We collect vulnerability reports from various security sources and extract IoT device information from these reports to automatically match vulnerabilities with the fingerprints of IoT devices. We implemented a prototype system and conducted extensive experiments to validate the effectiveness of our approach. The results show that our DNN model achieved a 98% precision rate and a 95% recall rate in IoT device fingerprinting. Furthermore, we collected and analyzed over 13,063 IoT-related vulnerability reports and our method automatically built 5,458 connections between IoT device fingerprints and their vulnerabilities. These findings shed light on the ongoing threat of cyber-attacks on IoT systems as both IoT devices and disclosed vulnerabilities are targets for malicious attackers.</abstract><cop>New York, NY</cop><pub>ACM</pub><doi>10.1145/3608951</doi><tpages>26</tpages><orcidid>https://orcid.org/0009-0003-4319-9304</orcidid><orcidid>https://orcid.org/0000-0001-9833-2836</orcidid><orcidid>https://orcid.org/0000-0003-3758-409X</orcidid><orcidid>https://orcid.org/0000-0003-2745-7521</orcidid><orcidid>https://orcid.org/0000-0003-1147-4327</orcidid><orcidid>https://orcid.org/0000-0003-1458-9410</orcidid><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 1550-4859
ispartof ACM transactions on sensor networks, 2023-10, Vol.20 (1), p.1-26, Article 6
issn 1550-4859
1550-4867
language eng
recordid cdi_crossref_primary_10_1145_3608951
source ACM Digital Library Complete
subjects Network security
Security and privacy
Vulnerability management
title Toward Automatically Connecting IoT Devices with Vulnerabilities in the Wild
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-19T10%3A49%3A15IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-acm_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Toward%20Automatically%20Connecting%20IoT%20Devices%20with%20Vulnerabilities%20in%20the%20Wild&rft.jtitle=ACM%20transactions%20on%20sensor%20networks&rft.au=Song,%20Jinke&rft.date=2023-10-19&rft.volume=20&rft.issue=1&rft.spage=1&rft.epage=26&rft.pages=1-26&rft.artnum=6&rft.issn=1550-4859&rft.eissn=1550-4867&rft_id=info:doi/10.1145/3608951&rft_dat=%3Cacm_cross%3E3608951%3C/acm_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true