research-article

Toward Automatically Connecting IoT Devices with Vulnerabilities in the Wild

Authors:
Jinke Song

Beijing Jiaotong University, China

Beijing Jiaotong University, China

0000-0003-1458-9410
View Profile

,
Shangfeng Wan

Beijing Jiaotong University, China

Beijing Jiaotong University, China

0000-0003-3758-409X
View Profile

,
Min Huang

Beijing Jiaotong University, China

Beijing Jiaotong University, China

0009-0003-4319-9304
View Profile

,
Jiqiang Liu

Beijing Jiaotong University, China

Beijing Jiaotong University, China

0000-0003-1147-4327
View Profile

,
Limin Sun

Chinese Academy of Sciences, China

Chinese Academy of Sciences, China

0000-0003-2745-7521
View Profile

,
Qiang Li

Beijing Jiaotong University, China

Beijing Jiaotong University, China

0000-0001-9833-2836
View Profile

Authors Info & Claims

ACM Transactions on Sensor Networks Volume 20 Issue 1Article No.: 6pp 1–26https://doi.org/10.1145/3608951

Published:19 October 2023Publication History

ACM Transactions on Sensor Networks

Abstract

With the increasing number of Internet of Things (IoT) devices connected to the internet, the industry and research community have become increasingly concerned about their security impact. Adversaries or hackers often exploit public security flaws to compromise IoT devices and launch cyber attacks. However, despite this growing concern, little effort has been made to investigate the detection of IoT devices and their underlying risks. To address this gap, this article proposes to automatically establish relationships between IoT devices and their vulnerabilities in the wild. Specifically, we construct a deep neural network (DNN) to extract semantic information from IoT packets and generate fine-grained fingerprints of IoT devices. This enables us to annotate IoT devices in cyberspace, including their device type, vendor, and product information. We collect vulnerability reports from various security sources and extract IoT device information from these reports to automatically match vulnerabilities with the fingerprints of IoT devices. We implemented a prototype system and conducted extensive experiments to validate the effectiveness of our approach. The results show that our DNN model achieved a 98% precision rate and a 95% recall rate in IoT device fingerprinting. Furthermore, we collected and analyzed over 13,063 IoT-related vulnerability reports and our method automatically built 5,458 connections between IoT device fingerprints and their vulnerabilities. These findings shed light on the ongoing threat of cyber-attacks on IoT systems as both IoT devices and disclosed vulnerabilities are targets for malicious attackers.

REFERENCES

[1] Aksoy Ahmet and Gunes Mehmet Hadi. 2019. Automated iot device identification using network traffic. In Proceedings of the IEEE International Conference on Communications (ICC’19). IEEE, 1–7.Google ScholarCross Ref
[2] Fadele Ayotunde Alaba, Mazliza Othman, Ibrahim Abaker Targio Hashem, and Faiz Alotaibi. 2017. Internet of things security: A survey. Journal of Network and Computer Applications 88 (2017), 10–28.Google Scholar
[3] Antonakakis Manos, April Tim, Bailey Michael, Bernhard Matthew, Bursztein Elie, Cochran Jaime, Durumeric Zakir, Halderman J. Alex, Invernizzi Luca, Kallitsis Michalis, Kumar Deepak, Lever Chaz, Ma Zane, Mason Joshua, Menscher Damian, Seaman Chad, Sullivan Nick, Thomas Kurt, and Zhou Yi. 2017. Understanding the mirai botnet. In Proceedings of the 26th USENIX Conference on Security Symposium (SEC’17). 1093–1110.Google ScholarDigital Library
[4] Bruhadeshwar Bezawada, Maalvika Bachani, Jordan Peterson, Hossein Shirazi, Indrakshi Ray, and Indrajit Ray. 2018. Behavioral fingerprinting of IoT devices. In Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security (ASHES’18). Association for Computing Machinery, New York, NY, 41–50.Google Scholar
[5] Bou-Harb Elias, Debbabi Mourad, and Assi Chadi. 2016. A novel cyber security capability: Inferring internet-scale infections by correlating malware and probing activities. Comput. Netw. 94 (2016), 327–343.Google ScholarDigital Library
[6] Censys. 2015. A Search Engine Based on Internet-wide Scanning for the Devices and Networks. Retrieved from https://censys.io/Google Scholar
[7] CVE. 2023. CVE, Common Vulnerabilities and Exposures. Retrieved from http://cve.mitre.org/Google Scholar
[8] CVSS. 2023. A Free and Open Industry Standard for Assessing the Severity of Computer System Security Vulnerabilities.Retrieved from https://nvd.nist.gov/vuln-metrics/cvssGoogle Scholar
[9] CWE. 2023. A Community-developed List of Common Software Security Weaknesses.Retrieved from https://cwe.mitre.org/Google Scholar
[10] DevTag. 2021. Number of Connected IoT Devices Will Surge to 125 Billion by 2030. Retrieved from https://www.iot-now.com/tag/ihs-markit/Google Scholar
[11] Dong Ying, Guo Wenbo, Chen Yueqi, Xing Xinyu, Zhang Yuqing, and Wang Gang. 2019. Towards the detection of inconsistencies in public security vulnerability reports. In Proceedings of the 28th USENIX Security Symposium (USENIX Security’19). 869–885.Google Scholar
[12] Durumeric Zakir, Wustrow Eric, and Halderman J. Alex. 2013. ZMap: Fast internet-wide scanning and its security applications. In Proceedings of the USENIX Security Symposium, Vol. 8.605–620.Google Scholar
[13] Fachkha Claude, Bou-Harb Elias, Keliris Anastasis, Memon Nasir D., and Ahamad Mustaque. 2017. Internet-scale probing of CPS: Inference, characterization and orchestration analysis. In Proceedings of the Network and Distributed System Security (NDSS) Symposium (NDSS’17).Google ScholarCross Ref
[14] Feng Xuan, Li Qiang, Wang Haining, and Sun Limin. 2016. Characterizing industrial control system devices on the internet. In Proceedings of the IEEE 24th International Conference on Network Protocols (ICNP’16). IEEE, 1–10.Google Scholar
[15] Feng Xuan, Li Qiang, Wang Haining, and Sun Limin. 2018. Acquisitional rule-based engine for discovering internet-of-things devices. In Proceedings of the 27th USENIX Security Symposium (USENIX Security’18). Baltimore, MD, 327–341.Google Scholar
[16] Feng Xuan, Liao Xiaojing, Wang XiaoFeng, Wang Haining, Li Qiang, Yang Kai, Zhu Hongsong, and Sun Limin. 2019. Understanding and securing device vulnerabilities through automated bug report analysis. In Proceedings of the 28th USENIX Security Symposium (USENIX Security’19). USENIX Association, Berkeley, CA, 887–903.Google Scholar
[17] Reporting Guidelines for Security Vulnerability and Response.2016. Retrieved from https://www.symantec.com/security/OIS_Guidelines%20for%20responsible%20disclosure.pdfGoogle Scholar
[18] Formby David, Srinivasan Preethi, Leonard Andrew M., Rogers Jonathan D., and Beyah Raheem A.. 2016. Who’s in control of your control system? Device fingerprinting for cyber-physical systems. In Proceedings of the Network and Distributed System Security (NDSS) Symposium (NDSS’16).Google ScholarCross Ref
[19] GoogleScraper. 2023. GoogleScraper. Retrieved from https://github.com/NikolaiT/GoogleScraperGoogle Scholar
[20] Granjal Jorge, Monteiro Edmundo, and Silva Jorge Sá. 2015. Security for the internet of things: A survey of existing protocols and open research issues. IEEE Commun. Surv. Tutor. 17, 3 (2015), 1294–1312.Google ScholarDigital Library
[21] Hamza Ayyoob, Ranathunga Dinesha, Gharakheili Hassan Habibi, Benson Theophilus A., Roughan Matthew, and Sivaraman Vijay. 2020. Verifying and monitoring iots network behavior using mud profiles. IEEE Trans. Depend. Sec. Comput. (2020).Google Scholar
[22] Hashmat Fabiha, Abbas Syed Ghazanfar, Hina Sadaf, Shah Ghalib A, Bakhshi Taimur, and Abbas Waseem. 2022. An automated context-aware IoT vulnerability assessment rule-set generator. Comput. Commun. 186 (2022), 133–152.Google ScholarDigital Library
[23] Kotak Jaidip and Elovici Yuval. 2019. Iot device identification using deep learning. In Computational Intelligence in Security for Information Systems Conference. Springer, 76–86.Google Scholar
[24] Li Frank and Paxson Vern. 2017. A large-scale empirical study of security patches. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS’17). ACM, New York, NY, 2201–2215. Google ScholarDigital Library
[25] Liu Yongxin, Wang Jian, Li Jianqiang, Niu Shuteng, and Song Houbing. 2021. Machine learning for the detection and identification of internet of things devices: A survey. IEEE IoT J. 9, 1 (2021), 298–320.Google Scholar
[26] Marchal Samuel, Miettinen Markus, Nguyen Thien Duc, Sadeghi Ahmad-Reza, and Asokan N.. 2019. Audi: Toward autonomous iot device-type identification using periodic communication. IEEE J. Select. Areas Commun. 37, 6 (2019), 1402–1412.Google ScholarCross Ref
[27] Miettinen Markus, Marchal Samuel, Hafeez Ibbad, Asokan N., Sadeghi Ahmad-Reza, and Tarkoma Sasu. 2017. Iot sentinel: Automated device-type identification for security enforcement in iot. In Proceedings of the IEEE 37th International Conference on Distributed Computing Systems (ICDCS’17). IEEE, 2177–2184.Google Scholar
[28] Mikolov Tomas, Chen Kai, Corrado Greg, and Dean Jeffrey. 2013. Efficient estimation of word representations in vector space. arXiv:1301.3781. Retrieved from https://arxiv.org/abs/1301.3781Google Scholar
[29] Mosenia Arsalan and Jha Niraj K.. 2016. A comprehensive study of security of internet-of-things. IEEE Trans. Emerg. Top. Comput. 5, 4 (2016), 586–602.Google ScholarCross Ref
[30] Msadek Nizar, Soua Ridha, and Engel Thomas. 2019. Iot device fingerprinting: Machine learning based encrypted traffic analysis. In Proceedings of the IEEE Wireless Communications and Networking Conference (WCNC’19). IEEE, 1–8.Google ScholarDigital Library
[31] Mu Dongliang, Cuevas Alejandro, Yang Limin, Hu Hang, Xing Xinyu, Mao Bing, and Wang Gang. 2018. Understanding the reproducibility of crowd-reported security vulnerabilities. In Proceedings of the 27th \(\lbrace\)USENIX\(\rbrace\) Security Symposium (\(\lbrace\)USENIX\(\rbrace\) Security’18). 919–936.Google Scholar
[32] Nguyen Viet Hung and Massacci Fabio. 2013. The (un) reliability of nvd vulnerable versions data: An empirical experiment on google chrome vulnerabilities. In Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security. 493–498.Google ScholarDigital Library
[33] NLTK. 2001. A Suite of Libraries and Programs for Symbolic and Statistical Natural Language Processing. Retrieved from http://www.nltk.org/Google Scholar
[34] Nmap. 1997. Network Security Scanner Tool.Google Scholar
[35] Oser Pascal, Heijden Rens W. van der, Lüders Stefan, and Kargl Frank. 2022. Risk prediction of IoT devices based on vulnerability analysis. ACM Trans. Priv. Secur. 25, 2 (2022), 1–36.Google ScholarDigital Library
[36] Peng Linning, Hu Aiqun, Zhang Junqing, Jiang Yu, Yu Jiabao, and Yan Yan. 2018. Design of a hybrid RF fingerprint extraction and device classification scheme. IEEE IoT J. 6, 1 (2018), 349–360.Google Scholar
[37] Polak Adam C. and Goeckel Dennis L.. 2015. Wireless device identification based on RF oscillator imperfections. IEEE Trans. Inf. Forens. Secur. 10, 12 (2015), 2492–2501.Google ScholarDigital Library
[38] Pytorch. 2018. An Open Source Machine Learning Framework That Accelerates the Path from Research Prototyping to Production Deployment. Retrieved from https://pytorch.org/Google Scholar
[39] Report Mirai. 2016. The Cyber Attack Disrupts Internet Service across Europe and US via Mirai.Google Scholar
[40] Riyaz Shamnaz, Sankhe Kunal, Ioannidis Stratis, and Chowdhury Kaushik. 2018. Deep learning convolutional neural networks for radio identification. IEEE Commun. Mag. 56, 9 (2018), 146–152.Google ScholarCross Ref
[41] Sabottke Carl, Suciu Octavian, and Dumitraş Tudor. 2015. Vulnerability disclosure in the age of social media: Exploiting twitter for predicting real-world exploits. In Proceedings of the 24th USENIX Security Symposium. USENIX Association, Berkeley, CA, 1041–1056.Google ScholarDigital Library
[42] Shamsi Zain, Cline Daren B. H., and Loguinov Dmitri. 2017. Faulds: A non-parametric iterative classifier for internet-wide OS fingerprinting. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 971–982.Google ScholarDigital Library
[43] Shamsi Zain, Nandwani Ankur, Leonard Derek, and Loguinov Dmitri. 2014. Hershel: Single-packet Os fingerprinting. In Proceedings of the ACM International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS’14). 195–206.Google ScholarDigital Library
[44] Shodan. 2009. The Search Engine for Internet-connected Devices. Retrieved from https://www.shodan.io/Google Scholar
[45] Shokeen Rahul, Shanmugam Bharanidharan, Kannoorpatti Krishnan, Azam Sami, Jonkman Mirjam, and Alazab Mamoun. 2019. Vulnerabilities analysis and security assessment framework for the internet of things. In Proceedings of the Cybersecurity and Cyberforensics Conference (CCC’19). IEEE, 22–29.Google ScholarCross Ref
[46] Sicari Sabrina, Rizzardi Alessandra, Grieco Luigi Alfredo, and Coen-Porisini Alberto. 2015. Security, privacy and trust in internet of things: The road ahead. Comput. Netw. 76 (2015), 146–164.Google ScholarDigital Library
[47] Sivanathan Arunan. 2020. IoT behavioral monitoring via network traffic analysis. arXiv:2001.10632. Retrieved from https://arxiv.org/abs/2001.10632Google Scholar
[48] Sivanathan Arunan, Gharakheili Hassan Habibi, Loi Franco, Radford Adam, Wijenayake Chamith, Vishwanath Arun, and Sivaraman Vijay. 2018. Classifying IoT devices in smart environments using network traffic characteristics. IEEE Trans. Mob. Comput. 18, 8 (2018), 1745–1759.Google ScholarCross Ref
[49] Sivanathan Arunan, Gharakheili Hassan Habibi, and Sivaraman Vijay. 2020. Managing IoT cyber-security using programmable telemetry and machine learning. IEEE Trans. Netw. Serv. Manage. 17, 1 (2020), 60–74.Google ScholarDigital Library
[50] Song Jinke, Li Qiang, Wang Haining, and Sun Limin. 2020. Under the concealing surface: Detecting and understanding live webcams in the wild. In Proceedings of the ACM on Measurement and Analysis of Computing Systems, SIGMETRICS ’20. 4, 1 (2020), 1–25.Google ScholarDigital Library
[51] Beautiful Soup. 2012. Package for Parsing HTML and XML Documents. Retrieved from https://www.crummy.com/software/BeautifulSoup/Google Scholar
[52] Thangavelu Vijayanand, Divakaran Dinil Mon, Sairam Rishi, Bhunia Suman Sankar, and Gurusamy Mohan. 2018. DEFT: A distributed IoT fingerprinting technique. IEEE IoT J. 6, 1 (2018), 940–952.Google Scholar
[53] Venkataraman Shobha, Caballero Juan, Poosankam Pongsin, Kang Min Gyung, and Song Dawn Xiaodong. 2007. Fig: Automatic fingerprint generation. In Proceedings of the Network and Distributed System Security Symposium (NDSS’07).Google Scholar
[54] Weber Rolf H. and Studer Evelyne. 2016. Cybersecurity in the internet of things: Legal aspects. Comput. Law Secur. Rev. 32, 5 (2016), 715–728.Google ScholarCross Ref
[55] Williams Ryan, McMahon Emma, Samtani Sagar, Patton Mark, and Chen Hsinchun. 2017. Identifying vulnerabilities of consumer internet of things (IoT) devices: A scalable approach. In Proceedings of the IEEE International Conference on Intelligence and Security Informatics (ISI’17). IEEE, 179–181.Google ScholarDigital Library
[56] Yake. 2023. Yake. Retrieved from https://github.com/LIAAD/yakeGoogle Scholar
[57] Yang Kai, Li Qiang, and Sun Limin. 2019. Towards automatic fingerprinting of IoT devices in the cyberspace. Comput. Netw. 148 (2019), 318–327. Google ScholarCross Ref
[58] Yu Jiabao, Hu Aiqun, Li Guyue, and Peng Linning. 2019. A robust RF fingerprinting approach using multisampling convolutional neural network. IEEE IoT J. 6, 4 (2019), 6786–6799.Google Scholar
[59] Zheng Tianhang, Sun Zhi, and Ren Kui. 2019. FID: Function modeling-based data-independent and channel-robust physical-layer identification. In Proceedings of the IEEE Conference on Computer Communications (INFOCOM’19). IEEE, 199–207.Google ScholarDigital Library
[60] Zhou Xinyu, Hu Aiqun, Li Guyue, Peng Linning, Xing Yuexiu, and Yu Jiabao. 2019. Design of a robust RF fingerprint generation and classification scheme for practical device identification. In Proceedings of the IEEE Conference on Communications and Network Security (CNS’19). IEEE, 196–204.Google ScholarCross Ref
[61] Zhu Fangzhou, Liu Liang, Meng Weizhi, Lv Ting, Hu Simin, and Ye Renjun. 2020. Scaffisd: A scalable framework for fine-grained identification and security detection of wireless routers. In Proceedings of the IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom’20). IEEE, 1194–1199.Google ScholarCross Ref
[62] ztag. 2023. ZTag, an Utility for Annotating Raw Scan Data with Additional Metadata. Retrieved from http://github.com/zmap/ztagGoogle Scholar

Index Terms

Toward Automatically Connecting IoT Devices with Vulnerabilities in the Wild
1. Security and privacy
  1. Network security
  2. Systems security
    1. Vulnerability management

Recommendations

Fingerprinting IoT Devices Using Latent Physical Side-Channels

The proliferation of low-end low-power internet-of-things (IoT) devices in "smart" environments necessitates secure identification and authentication of these devices via low-overhead fingerprinting methods. Previous work typically utilizes ...
Read More
A taxonomy of vulnerabilities in implantable medical devices
SPIMACS '10: Proceedings of the second annual workshop on Security and privacy in medical and home-care systems

Once the domain of science fiction, devices connecting biological systems with computers have become reality. Security vulnerabilities that might be exploited in such systems by malicious parties or by inadvertent manipulation are also now a reality. ...
Read More
Discovering buffer overflow vulnerabilities in the wild: an empirical study
ESEM '14: Proceedings of the 8th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement

Context: Reporters of security vulnerabilities possess rich information about the security engineering process. Goal: We performed an empirical study on reporters of buffer overflow vulnerabilities to understand the methods and tools used during the ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Transactions on Sensor Networks Volume 20, Issue 1
January 2024
717 pages
ISSN:1550-4859
EISSN:1550-4867
DOI:10.1145/3618078
Editor:
Yunhao Liu
Tsinghua University, China
Issue’s Table of Contents
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States

Journal Family
ACM Journals for the Design of Smart and Connected Systems
Publication History
- Published: 19 October 2023
- Online AM: 17 July 2023
- Revised: 20 June 2023
- Accepted: 20 June 2023
- Received: 19 May 2023
Published in tosn Volume 20, Issue 1

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Internet-of-Things
fingerprinting
online devices
vulnerability
Qualifiers
- research-article
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 0
  Total Citations
  View Citations
- 285
  Total Downloads
- Downloads (Last 12 months)285
- Downloads (Last 6 weeks)40
Other Metrics
View Author Metrics
Cited By
This publication has not been cited yet

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Full Text

View this article in Full Text.

View Full Text

Toward Automatically Connecting IoT Devices with Vulnerabilities in the Wild

ACM Transactions on Sensor Networks

Abstract

REFERENCES

Cited By

Index Terms

Recommendations

Fingerprinting IoT Devices Using Latent Physical Side-Channels

A taxonomy of vulnerabilities in implantable medical devices

Discovering buffer overflow vulnerabilities in the wild: an empirical study

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Journal Family

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Full Text

Caption

Toward Automatically Connecting IoT Devices with Vulnerabilities in the Wild

ACM Transactions on Sensor Networks

Abstract

REFERENCES

Cited By

Index Terms

Recommendations

Fingerprinting IoT Devices Using Latent Physical Side-Channels

A taxonomy of vulnerabilities in implantable medical devices

Discovering buffer overflow vulnerabilities in the wild: an empirical study

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Journal Family

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Full Text

Share this Publication link

Share on Social Media