• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

基于无线的物联网(IoT)中的代码注入攻击:全面综述与实际实现

Code Injection Attacks in Wireless-Based Internet of Things (IoT): A Comprehensive Review and Practical Implementations.

作者信息

Noman Haitham Ameen, Abu-Sharkh Osama M F

机构信息

Computer Engineering Department, King Abdullah II School of Engineering, Princess Sumaya University for Technology, Amman 11941, Jordan.

出版信息

Sensors (Basel). 2023 Jun 30;23(13):6067. doi: 10.3390/s23136067.

DOI:10.3390/s23136067
PMID:37447915
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC10346793/
Abstract

The Internet of Things (IoT) has transformed various domains in our lives by enabling seamless communication and data exchange between interconnected devices, necessitating robust networking infrastructure. This paper presents a comprehensive analysis of code injection attacks in IoT, focusing on the wireless domain. Code injection attacks exploit security weaknesses in applications or software and can have severe consequences, such as data breaches, financial losses, and denial of service. This paper discusses vulnerabilities in IoT systems and examines how wireless frames in state-of-the-art wireless technologies, which serve IoT applications, are exposed to such attacks. To demonstrate the severity of these threats, we introduce a comprehensive framework illustrating code injection attacks in the wireless domain. Several code injection attacks are performed on Wireless Fidelity (Wi-Fi) devices operating on an embedded system commonly used in IoT applications. Our proof of concept reveals that the victims' devices become further exposed to a full range of cyber-attacks following a successful severe code injection attack. We also demonstrate three scenarios where malicious codes had been detected inside the firmware of wireless devices used in IoT applications by performing reverse engineering techniques. Criticality analysis is conducted for the implemented and demonstrated attacks using Intrusion Modes and Criticality Analysis (IMECA). By understanding the vulnerabilities and potential consequences of code injection attacks on IoT networks and devices, researchers and practitioners can develop more secure IoT systems and better protect against these emerging threats.

摘要

物联网(IoT)通过实现互联设备之间的无缝通信和数据交换,改变了我们生活中的各个领域,这就需要强大的网络基础设施。本文对物联网中的代码注入攻击进行了全面分析,重点关注无线领域。代码注入攻击利用应用程序或软件中的安全漏洞,可能会造成严重后果,如数据泄露、财务损失和拒绝服务。本文讨论了物联网系统中的漏洞,并研究了为物联网应用服务的先进无线技术中的无线帧是如何受到此类攻击的。为了证明这些威胁的严重性,我们引入了一个全面的框架来说明无线领域的代码注入攻击。我们对运行在物联网应用中常用的嵌入式系统上的无线保真(Wi-Fi)设备进行了多次代码注入攻击。我们的概念验证表明,在成功实施严重的代码注入攻击后,受害者的设备会更容易受到各种网络攻击。我们还通过执行逆向工程技术,展示了在物联网应用中使用的无线设备固件中检测到恶意代码的三种情况。使用入侵模式和关键性分析(IMECA)对实施和演示的攻击进行关键性分析。通过了解代码注入攻击对物联网网络和设备的漏洞及潜在后果,研究人员和从业人员可以开发出更安全的物联网系统,并更好地防范这些新出现的威胁。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/9586d6e9a862/sensors-23-06067-g024.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/d8d02ebef04a/sensors-23-06067-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/e3d51b6fa46b/sensors-23-06067-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/269dbd2fb9ba/sensors-23-06067-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/f58aba406a13/sensors-23-06067-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/2a7eef73a0b9/sensors-23-06067-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/e187f0b54ff0/sensors-23-06067-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/30b2d0dc0bb1/sensors-23-06067-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/8b56d0e94369/sensors-23-06067-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/b3ca0a607732/sensors-23-06067-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/c94a6057145c/sensors-23-06067-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/c0434782a79f/sensors-23-06067-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/cb8019dcd1e5/sensors-23-06067-g012.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/018190912b34/sensors-23-06067-g013.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/6868863c68f3/sensors-23-06067-g014.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/879c48ee1fd9/sensors-23-06067-g015.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/8b6154d3d587/sensors-23-06067-g016.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/e6edc1f1f9a7/sensors-23-06067-g017.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/813aa38e962d/sensors-23-06067-g018.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/3b36af38bd06/sensors-23-06067-g019.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/785445f4066b/sensors-23-06067-g020.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/f366efe63607/sensors-23-06067-g021.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/1ded607532a2/sensors-23-06067-g022.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/5c8b2b5165b8/sensors-23-06067-g023.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/9586d6e9a862/sensors-23-06067-g024.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/d8d02ebef04a/sensors-23-06067-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/e3d51b6fa46b/sensors-23-06067-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/269dbd2fb9ba/sensors-23-06067-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/f58aba406a13/sensors-23-06067-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/2a7eef73a0b9/sensors-23-06067-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/e187f0b54ff0/sensors-23-06067-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/30b2d0dc0bb1/sensors-23-06067-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/8b56d0e94369/sensors-23-06067-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/b3ca0a607732/sensors-23-06067-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/c94a6057145c/sensors-23-06067-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/c0434782a79f/sensors-23-06067-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/cb8019dcd1e5/sensors-23-06067-g012.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/018190912b34/sensors-23-06067-g013.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/6868863c68f3/sensors-23-06067-g014.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/879c48ee1fd9/sensors-23-06067-g015.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/8b6154d3d587/sensors-23-06067-g016.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/e6edc1f1f9a7/sensors-23-06067-g017.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/813aa38e962d/sensors-23-06067-g018.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/3b36af38bd06/sensors-23-06067-g019.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/785445f4066b/sensors-23-06067-g020.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/f366efe63607/sensors-23-06067-g021.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/1ded607532a2/sensors-23-06067-g022.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/5c8b2b5165b8/sensors-23-06067-g023.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/4d08/10346793/9586d6e9a862/sensors-23-06067-g024.jpg

相似文献

1
Code Injection Attacks in Wireless-Based Internet of Things (IoT): A Comprehensive Review and Practical Implementations.基于无线的物联网(IoT)中的代码注入攻击:全面综述与实际实现
Sensors (Basel). 2023 Jun 30;23(13):6067. doi: 10.3390/s23136067.
2
Software-Defined-Networking-Based One-versus-Rest Strategy for Detecting and Mitigating Distributed Denial-of-Service Attacks in Smart Home Internet of Things Devices.基于软件定义网络的一对多策略,用于检测和缓解智能家居物联网设备中的分布式拒绝服务攻击
Sensors (Basel). 2024 Aug 3;24(15):5022. doi: 10.3390/s24155022.
3
A Malware Distribution Simulator for the Verification of Network Threat Prevention Tools.用于验证网络威胁预防工具的恶意软件传播模拟器
Sensors (Basel). 2021 Oct 21;21(21):6983. doi: 10.3390/s21216983.
4
Automatic Verification and Execution of Cyber Attack on IoT Devices.物联网设备网络攻击的自动验证与执行
Sensors (Basel). 2023 Jan 9;23(2):733. doi: 10.3390/s23020733.
5
Blockchain Mechanism and Symmetric Encryption in A Wireless Sensor Network.无线传感器网络中的区块链机制与对称加密
Sensors (Basel). 2020 May 14;20(10):2798. doi: 10.3390/s20102798.
6
A Framework for Malicious Traffic Detection in IoT Healthcare Environment.物联网医疗环境中的恶意流量检测框架。
Sensors (Basel). 2021 Apr 26;21(9):3025. doi: 10.3390/s21093025.
7
Exploring security threats and solutions Techniques for Internet of Things (IoT): from vulnerabilities to vigilance.探索物联网(IoT)的安全威胁与解决方案:从漏洞到警惕性的技术
Front Artif Intell. 2024 May 15;7:1397480. doi: 10.3389/frai.2024.1397480. eCollection 2024.
8
Towards Deep-Learning-Driven Intrusion Detection for the Internet of Things.迈向基于深度学习驱动的物联网入侵检测
Sensors (Basel). 2019 Apr 27;19(9):1977. doi: 10.3390/s19091977.
9
Systematic Literature Review of IoT Botnet DDOS Attacks and Evaluation of Detection Techniques.物联网僵尸网络分布式拒绝服务攻击的系统文献综述及检测技术评估
Sensors (Basel). 2024 Jun 1;24(11):3571. doi: 10.3390/s24113571.
10
A Review of IoT Firmware Vulnerabilities and Auditing Techniques.物联网固件漏洞与审计技术综述
Sensors (Basel). 2024 Jan 22;24(2):708. doi: 10.3390/s24020708.

引用本文的文献

1
A Review of the Authentication Techniques for Internet of Things Devices in Smart Cities: Opportunities, Challenges, and Future Directions.智慧城市中物联网设备认证技术综述:机遇、挑战与未来方向
Sensors (Basel). 2025 Mar 7;25(6):1649. doi: 10.3390/s25061649.
2
Detecting Unusual Repetitive Patterns of Behavior Indicative of a Loop-Based Attack in IoT.检测物联网中基于循环攻击的异常重复行为模式。
Sensors (Basel). 2024 Nov 26;24(23):7534. doi: 10.3390/s24237534.

本文引用的文献

1
A Universal Testbed for IoT Wireless Technologies: Abstracting Latency, Error Rate and Stability from the IoT Protocol and Hardware Platform.物联网无线技术通用测试平台:从物联网协议和硬件平台中提取延迟、错误率和稳定性
Sensors (Basel). 2022 May 30;22(11):4159. doi: 10.3390/s22114159.
2
Applications of Wireless Sensor Networks and Internet of Things Frameworks in the Industry Revolution 4.0: A Systematic Literature Review.无线传感器网络和物联网框架在工业革命 4.0 中的应用:系统文献综述。
Sensors (Basel). 2022 Mar 8;22(6):2087. doi: 10.3390/s22062087.
3
The Security of IP-Based Video Surveillance Systems.
基于 IP 的视频监控系统的安全性。
Sensors (Basel). 2020 Aug 26;20(17):4806. doi: 10.3390/s20174806.
4
Cybersecurity for Cardiac Implantable Electronic Devices: What Should You Know?心脏植入式电子设备的网络安全:您应该了解什么?
J Am Coll Cardiol. 2018 Mar 20;71(11):1284-1288. doi: 10.1016/j.jacc.2018.01.023. Epub 2018 Feb 20.
5
Next Generation Wireless Technologies for Internet of Things.面向物联网的下一代无线技术
Sensors (Basel). 2018 Jan 14;18(1):221. doi: 10.3390/s18010221.