• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

物联网设备网络攻击的自动验证与执行

Automatic Verification and Execution of Cyber Attack on IoT Devices.

机构信息

Department of Information Security and Communication Technology, Norwegian Univeristy of Science and Technology, 2815 Gjøvik, Norway.

Institute for Energy Technology, Os alle 5, 1777 Halden, Norway.

出版信息

Sensors (Basel). 2023 Jan 9;23(2):733. doi: 10.3390/s23020733.

DOI:10.3390/s23020733
PMID:36679532
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC9864476/
Abstract

Internet of Things (IoT) devices are becoming a part of our daily life; from health monitors to critical infrastructure, they are used everywhere. This makes them ideal targets for malicious actors to exploit for nefarious purposes. Recent attacks like the Mirai botnet are just examples in which default credentials were used to exploit thousands of devices. This raises major concerns about IoT device security. In this work, we aimed to investigate security of IoT devices through performing automatic penetration test on IoT devices. A penetration test is a way of detecting security problems, but manually testing billions of IoT devices is infeasible. This work has therefore examined autonomous penetration testing on IoT devices. In recent studies, automated attack execution models were developed for modeling automated attacks in cyber ranges. We have (1) investigated how such models can be applied for performing autonomous IoT penetration testing. Furthermore, we have (2) investigated if some well known and severe Wi-Fi related vulnerabilities still exist in IoT devices. Through a case study, we have shown that the such models can be used to model and design autonomous penetration testing agents for IoT devices. In addition, we have demonstrated that well-known vulnerabilities are present in deployed and currently sold products used in IoT devices, and that they can be both autonomously revealed through our developed system.

摘要

物联网 (IoT) 设备正逐渐成为我们日常生活的一部分;从健康监测器到关键基础设施,它们无处不在。这使得它们成为恶意行为者为恶意目的利用的理想目标。最近的攻击,如 Mirai 僵尸网络,只是利用默认凭据来利用数千台设备的例子。这引发了对物联网设备安全性的重大关注。在这项工作中,我们旨在通过对物联网设备进行自动渗透测试来研究物联网设备的安全性。渗透测试是一种检测安全问题的方法,但手动测试数十亿台物联网设备是不可行的。因此,这项工作检查了物联网设备的自主渗透测试。在最近的研究中,已经开发了自动化攻击执行模型,用于在网络范围内模拟自动化攻击。我们已经 (1) 研究了如何将这些模型应用于执行自主物联网渗透测试。此外,我们还 (2) 研究了物联网设备中是否仍然存在一些已知的严重与 Wi-Fi 相关的漏洞。通过案例研究,我们表明,这些模型可用于为物联网设备建模和设计自主渗透测试代理。此外,我们证明了部署和当前销售的物联网设备中存在已知漏洞,并且可以通过我们开发的系统自主揭示这些漏洞。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/36cb77f9e627/sensors-23-00733-g023.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/642339df9ed4/sensors-23-00733-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/97f4031f74ed/sensors-23-00733-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/cdc88cdab0ed/sensors-23-00733-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/92c69bb7fda4/sensors-23-00733-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/365e522cea47/sensors-23-00733-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/a79224480c14/sensors-23-00733-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/6a9334cec9bb/sensors-23-00733-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/96b17bbca634/sensors-23-00733-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/9cc9dadb5488/sensors-23-00733-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/13ecbcf28e13/sensors-23-00733-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/18848a6a24be/sensors-23-00733-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/c711b378a7c1/sensors-23-00733-g012.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/f8ce385dd6c9/sensors-23-00733-g013.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/fe018bb31fab/sensors-23-00733-g014.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/15058d0011bf/sensors-23-00733-g015.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/336597ed9146/sensors-23-00733-g016.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/b897bd098b7f/sensors-23-00733-g017.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/e6f27ef46f2a/sensors-23-00733-g018.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/93d44a57b6ae/sensors-23-00733-g019.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/5d19e08b866a/sensors-23-00733-g020.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/a445615c7ab8/sensors-23-00733-g021.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/77f56c66256f/sensors-23-00733-g022.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/36cb77f9e627/sensors-23-00733-g023.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/642339df9ed4/sensors-23-00733-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/97f4031f74ed/sensors-23-00733-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/cdc88cdab0ed/sensors-23-00733-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/92c69bb7fda4/sensors-23-00733-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/365e522cea47/sensors-23-00733-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/a79224480c14/sensors-23-00733-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/6a9334cec9bb/sensors-23-00733-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/96b17bbca634/sensors-23-00733-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/9cc9dadb5488/sensors-23-00733-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/13ecbcf28e13/sensors-23-00733-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/18848a6a24be/sensors-23-00733-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/c711b378a7c1/sensors-23-00733-g012.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/f8ce385dd6c9/sensors-23-00733-g013.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/fe018bb31fab/sensors-23-00733-g014.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/15058d0011bf/sensors-23-00733-g015.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/336597ed9146/sensors-23-00733-g016.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/b897bd098b7f/sensors-23-00733-g017.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/e6f27ef46f2a/sensors-23-00733-g018.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/93d44a57b6ae/sensors-23-00733-g019.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/5d19e08b866a/sensors-23-00733-g020.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/a445615c7ab8/sensors-23-00733-g021.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/77f56c66256f/sensors-23-00733-g022.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/654d/9864476/36cb77f9e627/sensors-23-00733-g023.jpg

相似文献

1
Automatic Verification and Execution of Cyber Attack on IoT Devices.物联网设备网络攻击的自动验证与执行
Sensors (Basel). 2023 Jan 9;23(2):733. doi: 10.3390/s23020733.
2
A Malware Distribution Simulator for the Verification of Network Threat Prevention Tools.用于验证网络威胁预防工具的恶意软件传播模拟器
Sensors (Basel). 2021 Oct 21;21(21):6983. doi: 10.3390/s21216983.
3
Identifying and Mitigating Phishing Attack Threats in IoT Use Cases Using a Threat Modelling Approach.利用威胁建模方法识别和缓解物联网用例中的网络钓鱼攻击威胁。
Sensors (Basel). 2021 Jul 14;21(14):4816. doi: 10.3390/s21144816.
4
Code Injection Attacks in Wireless-Based Internet of Things (IoT): A Comprehensive Review and Practical Implementations.基于无线的物联网(IoT)中的代码注入攻击:全面综述与实际实现
Sensors (Basel). 2023 Jun 30;23(13):6067. doi: 10.3390/s23136067.
5
A Framework for Malicious Traffic Detection in IoT Healthcare Environment.物联网医疗环境中的恶意流量检测框架。
Sensors (Basel). 2021 Apr 26;21(9):3025. doi: 10.3390/s21093025.
6
Teaching and Learning IoT Cybersecurity andVulnerability Assessment with Shodan through Practical Use Cases.通过实际用例教授和学习物联网网络安全和漏洞评估以及 Shodan 的使用。
Sensors (Basel). 2020 May 27;20(11):3048. doi: 10.3390/s20113048.
7
Hardware Security of Fog End-Devices for the Internet of Things.雾端物联网设备的硬件安全。
Sensors (Basel). 2020 Oct 9;20(20):5729. doi: 10.3390/s20205729.
8
Botnet Detection and Mitigation Model for IoT Networks Using Federated Learning.基于联邦学习的物联网网络僵尸网络检测与缓解模型
Sensors (Basel). 2023 Jul 11;23(14):6305. doi: 10.3390/s23146305.
9
DDoS Attack Prevention for Internet of Thing Devices Using Ethereum Blockchain Technology.利用以太坊区块链技术防止物联网设备的 DDoS 攻击。
Sensors (Basel). 2022 Sep 8;22(18):6806. doi: 10.3390/s22186806.
10
Systematic Literature Review of IoT Botnet DDOS Attacks and Evaluation of Detection Techniques.物联网僵尸网络分布式拒绝服务攻击的系统文献综述及检测技术评估
Sensors (Basel). 2024 Jun 1;24(11):3571. doi: 10.3390/s24113571.

引用本文的文献

1
Code Integrity and Confidentiality: An Active Data Approach for Active and Healthy Ageing.代码完整性和保密性:积极健康老龄化的主动数据方法。
Sensors (Basel). 2023 May 16;23(10):4794. doi: 10.3390/s23104794.