A Survey on IoT Vulnerability Discovery

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13787)

Abstract

The introduction of the Internet of Things (IoT) ecosystem into the public and private sectors has markedly changed the way people live, work, and entertain themselves by integrating digital systems with the physical world. However, the new scenarios and architectures that arise in IoT ecosystems introduce previously unknown security threats due to vulnerabilities in IoT software. Since different vulnerabilities lead to unexpected consequences in different parts of the IoT ecosystem, we propose the ‘security domain’ to properly categorize the origin of the threats; the domains are ‘physical device’, ‘operation rule’, and ‘communication’. The research community has conducted a significant amount of work on vulnerability discovery by utilizing ‘code intelligence’, that is, code analysis techniques based on different types of code. With a focus on the security domains, we review recent representative work published in the dominant time to investigate the emerging research. We also summarize the research methodology commonly adopted in this fast-growing area. Following the phases of that methodology, each paper that discovers IoT vulnerabilities is studied comprehensively. Challenges and future work in this area are discussed as well.

Corresponding author

Correspondence to Xinbo Ban.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Ban, X., Ding, M., Liu, S., Chen, C., Zhang, J. (2022). A Survey on IoT Vulnerability Discovery. In: Yuan, X., Bai, G., Alcaraz, C., Majumdar, S. (eds) Network and System Security. NSS 2022. Lecture Notes in Computer Science, vol 13787. Springer, Cham. https://doi.org/10.1007/978-3-031-23020-2_15

  • DOI: https://doi.org/10.1007/978-3-031-23020-2_15

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-23019-6

  • Online ISBN: 978-3-031-23020-2

  • eBook Packages: Computer Science (R0)
