Abstract
The introduction of the Internet of Things (IoT) ecosystem into public and private sectors has markedly changed the way people live, work, and entertain themselves by integrating digital systems with the physical world. However, the emergence of new scenarios and architectures in IoT ecosystems introduces previously unknown security threats due to vulnerabilities in IoT software. Since various vulnerabilities lead to unexpected consequences in different parts of the IoT ecosystem, we propose the ‘security domain’ to categorize the origin of the threats properly, including ‘physical device’, ‘operation rule’, and ‘communication’. The research community has conducted a significant amount of work in the area of vulnerability discovery by utilizing ‘code intelligence’, a term representing code analysis techniques based on different types of code. With the focus on the security domains, we review recent representative work published in the dominant time to investigate the emerging research. We also summarize the research methodology commonly adopted in this fast-growing area. Following the phases of that research methodology, each paper that discovers IoT vulnerabilities is comprehensively studied. Challenges and future work in this area are discussed as well.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Ban, X., Ding, M., Liu, S., Chen, C., Zhang, J. (2022). A Survey on IoT Vulnerability Discovery. In: Yuan, X., Bai, G., Alcaraz, C., Majumdar, S. (eds) Network and System Security. NSS 2022. Lecture Notes in Computer Science, vol 13787. Springer, Cham. https://doi.org/10.1007/978-3-031-23020-2_15
DOI: https://doi.org/10.1007/978-3-031-23020-2_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-23019-6
Online ISBN: 978-3-031-23020-2
eBook Packages: Computer Science, Computer Science (R0)