Large Language Model-Powered Protected Interface Evasion: Automated Discovery of Broken Access Control Vulnerabilities in Internet of Things Devices.

Author information

Wang Enze, Xie Wei, Li Shuhuan, Liu Runhao, Zhou Yuan, Wang Zhenhua, Ma Shuoyoucheng, Yang Wantong, Wang Baosheng

Affiliation

College of Computer Science and Technology, National University of Defense Technology, No. 137 Yanwachi Street, Changsha 410073, China.

Publication information

Sensors (Basel). 2025 May 5;25(9):2913. doi: 10.3390/s25092913.

DOI:10.3390/s25092913
PMID:40363350
Original article: https://pmc.ncbi.nlm.nih.gov/articles/PMC12074161/

Abstract

Broken access control vulnerabilities pose significant security risks to the protected web interfaces of IoT devices, enabling adversaries to gain unauthorized access to sensitive configurations and even use them as stepping stones for attacking the intranet. Although broken access control ranks first in the latest OWASP Top 10, there remains a lack of effective methodologies to detect these vulnerabilities systematically. We present ACBreaker, a novel methodology powered by a large language model (LLM), to effectively identify broken access control vulnerabilities in the protected web interfaces of IoT devices. Our methodology consists of three stages. The initial stage transforms firmware code that exceeds the LLM context window into semantically intact code snippets. The second stage uses an LLM to extract device-specific information from firmware code. The final stage integrates this information into the mutation-based fuzzer to improve fuzzing effectiveness and employs differential analysis to identify vulnerabilities. We evaluated ACBreaker across 11 IoT devices, analyzing 1,274,646 lines of code and discovering 39 previously unknown vulnerabilities. We further analyzed these vulnerabilities, categorizing them into three types that contribute to protected interface evasion, and provided mitigation suggestions. These vulnerabilities were responsibly disclosed to vendors, with CVE IDs assigned to those in six IoT devices.


Similar articles

1. Large Language Model-Powered Protected Interface Evasion: Automated Discovery of Broken Access Control Vulnerabilities in Internet of Things Devices. Sensors (Basel). 2025 May 5;25(9):2913. doi: 10.3390/s25092913.
2. Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk. Sensors (Basel). 2019 Sep 23;19(19):4107. doi: 10.3390/s19194107.
3. A Review of IoT Firmware Vulnerabilities and Auditing Techniques. Sensors (Basel). 2024 Jan 22;24(2):708. doi: 10.3390/s24020708.
4. Named-Entity-Recognition-Based Automated System for Diagnosing Cybersecurity Situations in IoT Networks. Sensors (Basel). 2019 Aug 1;19(15):3380. doi: 10.3390/s19153380.
5. The Presence, Trends, and Causes of Security Vulnerabilities in Operating Systems of IoT's Low-End Devices. Sensors (Basel). 2021 Mar 26;21(7):2329. doi: 10.3390/s21072329.
6. Framework to perform taint analysis and security assessment of IoT devices in smart cities. PeerJ Comput Sci. 2023 Dec 21;9:e1771. doi: 10.7717/peerj-cs.1771. eCollection 2023.
7. A Survey of the Security Analysis of Embedded Devices. Sensors (Basel). 2023 Nov 16;23(22):9221. doi: 10.3390/s23229221.
8. Code Injection Attacks in Wireless-Based Internet of Things (IoT): A Comprehensive Review and Practical Implementations. Sensors (Basel). 2023 Jun 30;23(13):6067. doi: 10.3390/s23136067.
9. Exploring security threats and solutions Techniques for Internet of Things (IoT): from vulnerabilities to vigilance. Front Artif Intell. 2024 May 15;7:1397480. doi: 10.3389/frai.2024.1397480. eCollection 2024.
10. Automated Vulnerability Discovery and Exploitation in the Internet of Things. Sensors (Basel). 2019 Jul 31;19(15):3362. doi: 10.3390/s19153362.
