Hybrid Firmware Analysis for Known Mobile and IoT Security Vulnerabilities

2020 ◽  
Author(s):  
Pengfei Sun ◽  
Luis Garcia ◽  
Gabriel Salles-Loustau ◽  
Saman Zonouz
Keyword(s):  
Security Vulnerabilities ◽  
Iot Security

Security Vulnerabilities, Threats, and Attacks in IoT and Big Data

2020 ◽  
pp. 141-167
Author(s):  
Prabha Selvaraj ◽  
Sumathi Doraikannan ◽  
Vijay Kumar Burugari
Keyword(s):  
Big Data ◽  
Case Studies ◽  
Big Data Analytics ◽  
Cloud Services ◽  
Web Interface ◽  
Security Vulnerabilities ◽  
New Techniques ◽  
Iot Security ◽  
Web Interfaces ◽  
The Web

Big data and IoT has its impact on various areas like science, health, engineering, medicine, finance, business, and mainly, the society. Due to the growth in security intelligence, there is a requirement for new techniques which need big data and big data analytics. IoT security does not alone deal with the security of the device, but it also has to care about the web interfaces, cloud services, and other devices that interact with it. There are many techniques used for addressing challenges like privacy of individuals, inference, and aggregation, which makes it possible to re-identify individuals' even though they are removed from a dataset. It is understood that a few security vulnerabilities could lead to insecure web interface. This chapter discusses the challenges in security and how big data can be used for it. It also analyzes the various attacks and threat modeling in detail. Two case studies in two different areas are also discussed.

Securing Over-the-Air Code Updates in Wireless Sensor Networks

2019 ◽  
pp. 302-328
Author(s):  
Christian Wittke ◽  
Kai Lehniger ◽  
Stefan Weidling ◽  
Mario Schoelzel
Keyword(s):  
Wireless Sensor Networks ◽  
Sensor Networks ◽  
Wireless Sensor ◽  
Wireless Devices ◽  
Security Vulnerabilities ◽  
Iot Security ◽  
Software Bugs ◽  
Security Issues ◽  
The Right ◽  
The Internet Of Things

With the growing number of wireless devices in the internet of things (IoT), maintenance and management of these devices has become a key issue. In particular, the ability to wirelessly update devices is a must in order to fix security issues and software bugs, or to extend firmware functionality. Code update mechanisms in wireless sensor networks (WSNs), a subset of IoT networks, must handle limited resources and strict constraints. Also, over-the-air (OTA) code updates in the context of an IoT ecosystem may open new security vulnerabilities. An IoT security framework should therefore be extended with additional mechanisms to secure the OTA code update functionality. The chapter presents an overview of various OTA code update techniques for WSNs and their security flaws along with some existing attacks and possible countermeasures. It is discussed which attacks can be used more easily with the code update functionality. Countermeasures are compared as to whether they secure the weakened security objectives, giving a guideline to choose the right combination of countermeasures.

scholarly journals IoT security vulnerabilities and predictive signal jamming attack analysis in LoRaWAN

2020 ◽  
Vol 14 (4) ◽  
pp. 368-379 ◽  
Author(s):  
Max Ingham ◽  
Jims Marchang ◽  
Deepayan Bhowmik
Keyword(s):  
Security Vulnerabilities ◽  
Iot Security ◽  
Signal Jamming ◽  
Jamming Attack

Clinical Cybersecurity Training Through Novel High Fidelity Simulations (Preprint)

2018 ◽  
Author(s):  
Christian Dameff ◽  
Jordan Selzer ◽  
Jonathan Fisher ◽  
James Killeen ◽  
Jeffrey Tully
Keyword(s):  
Patient Safety ◽  
Patient Care ◽  
Medical Devices ◽  
Healthcare Systems ◽  
High Fidelity ◽  
Protected Health Information ◽  
Patient Harm ◽  
Security Vulnerabilities ◽  
Clinical Simulations ◽  
Medical Infrastructure

BACKGROUND Cybersecurity risks in healthcare systems have traditionally been measured in data breaches of protected health information but compromised medical devices and critical medical infrastructure raises questions about the risks of disrupted patient care. The increasing prevalence of these connected medical devices and systems implies that these risks are growing. OBJECTIVE This paper details the development and execution of three novel high fidelity clinical simulations designed to teach clinicians to recognize, treat, and prevent patient harm from vulnerable medical devices. METHODS Clinical simulations were developed which incorporated patient care scenarios with hacked medical devices based on previously researched security vulnerabilities. RESULTS Clinician participants universally failed to recognize the etiology of their patient’s pathology as being the result of a compromised device. CONCLUSIONS Simulation can be a useful tool in educating clinicians in this new, critically important patient safety space.

scholarly journals XOR-Based Low-Cost Reconfigurable PUFs for IoT Security

2019 ◽  
Vol 18 (3) ◽  
pp. 1-21 ◽  
Author(s):  
Weiqiang Liu ◽  
Lei Zhang ◽  
Zhengran Zhang ◽  
Chongyan Gu ◽  
Chenghua Wang ◽  
...  
Keyword(s):  
Low Cost ◽  
Iot Security

Hardware Information Flow Tracking

2021 ◽  
Vol 54 (4) ◽  
pp. 1-39
Author(s):  
Wei Hu ◽  
Armaiti Ardeshiricham ◽  
Ryan Kastner
Keyword(s):  
Access Control ◽  
Computer Security ◽  
Information Flow ◽  
Hardware Security ◽  
Computing System ◽  
Security Vulnerabilities ◽  
Information Flow Tracking ◽  
Side Channels ◽  
Security Properties ◽  
Tools And Techniques

Information flow tracking (IFT) is a fundamental computer security technique used to understand how information moves through a computing system. Hardware IFT techniques specifically target security vulnerabilities related to the design, verification, testing, manufacturing, and deployment of hardware circuits. Hardware IFT can detect unintentional design flaws, malicious circuit modifications, timing side channels, access control violations, and other insecure hardware behaviors. This article surveys the area of hardware IFT. We start with a discussion on the basics of IFT, whose foundations were introduced by Denning in the 1970s. Building upon this, we develop a taxonomy for hardware IFT. We use this to classify and differentiate hardware IFT tools and techniques. Finally, we discuss the challenges yet to be resolved. The survey shows that hardware IFT provides a powerful technique for identifying hardware security vulnerabilities, as well as verifying and enforcing hardware security properties.

Security Threat Analyses and Attack Models for Approximate Computing Systems

2021 ◽  
Vol 26 (4) ◽  
pp. 1-31
Author(s):  
Pruthvy Yellu ◽  
Landon Buell ◽  
Miguel Mark ◽  
Michel A. Kinsy ◽  
Dongpeng Xu ◽  
...  
Keyword(s):  
Error Resilience ◽  
Security Threats ◽  
Approximate Computing ◽  
Security Threat ◽  
Security Vulnerabilities ◽  
Computing Systems ◽  
Quantitative Analyses ◽  
Resilience Mechanisms ◽  
The Impact ◽  
Attack Models

Approximate computing (AC) represents a paradigm shift from conventional precise processing to inexact computation but still satisfying the system requirement on accuracy. The rapid progress on the development of diverse AC techniques allows us to apply approximate computing to many computation-intensive applications. However, the utilization of AC techniques could bring in new unique security threats to computing systems. This work does a survey on existing circuit-, architecture-, and compiler-level approximate mechanisms/algorithms, with special emphasis on potential security vulnerabilities. Qualitative and quantitative analyses are performed to assess the impact of the new security threats on AC systems. Moreover, this work proposes four unique visionary attack models, which systematically cover the attacks that build covert channels, compensate approximation errors, terminate normal error resilience mechanisms, and propagate additional errors. To thwart those attacks, this work further offers the guideline of countermeasure designs. Several case studies are provided to illustrate the implementation of the suggested countermeasures.

Sign in / Sign up

Export Citation Format

Share Document