HALE-IoT : HArdening LEgacy Internet-of-Things devices by retrofitting defensive firmware modifications and implants
Carrillo-Mondejar, J., Turtiainen, H., Costin, A., Martinez, J.L., & Suarez-Tangil, G. (2022). HALE-IoT : HArdening LEgacy Internet-of-Things devices by retrofitting defensive firmware modifications and implants. IEEE Internet of Things Journal, 10(10), 8371-8394. https://doi.org/10.1109/JIOT.2022.3224649
Julkaistu sarjassa
IEEE Internet of Things JournalTekijät
Päivämäärä
2022Oppiaine
TekniikkaSecure Communications Engineering and Signal ProcessingEngineeringSecure Communications Engineering and Signal ProcessingTekijänoikeudet
© Authors, 2022
Internet-Of-Things (IoT) devices and their firmware are notorious for their lifelong vulnerabilities. As device infection increases, vendors also fail to release patches at a competitive pace. Despite security in IoT being an active area of research, prior work has mainly focused on vulnerability detection and exploitation, threat modelling, and protocol security. However, these methods are ineffective in preventing attacks against legacy and End-Of-Life devices that are already vulnerable. Current research mainly focuses on implementing and demonstrating the potential of malicious modifications. Hardening emerges as an effective solution to provide IoT devices with an additional layer of defense. In this paper, we bridge these gaps through the design of HALE-IoT, a generically applicable systematic approach to HArdening LEgacy IoT non-low-end devices by retrofitting defensive firmware modifications without access to the original source code. HALE-IoT approaches this non-trivial task via binary firmware reversing and modification while being underpinned by a semi-automated toolset that aims to keep cybersecurity of such devices in a hale state. Our focus is on both modern and, especially, legacy or obsolete IoT devices as they become increasingly prevalent. To evaluate the effectiveness and efficiency of HALE-IoT, we apply it to a wide range of IoT devices by retrofitting 395 firmware images with defensive implants containing an intrusion prevention system in the form of a Web Application Firewall (for prevention of web-attack vectors), and an HTTPS-proxy (for latest and full end-to-end HTTPS support) using emulation. We also test our approach on four physical devices, where we show that HALE-IoT successfully runs on protected and quite constrained devices with as low as 32MB of RAM and 8MB of storage. Overall, in our evaluation, we achieve good performance and reliability with a remarkably accurate detection and prevention rate for attacks coming from both real CVEs and synthetic exploits.
...
Julkaisija
IEEEISSN Hae Julkaisufoorumista
2372-2541Asiasanat
Julkaisu tutkimustietojärjestelmässä
https://converis.jyu.fi/converis/portal/detail/Publication/160412620
Metadata
Näytä kaikki kuvailutiedotKokoelmat
Lisätietoja rahoituksesta
Javier Carrillo-Mondejar is also supported by the Spanish Ministry of Economic Affairs and Digital Transformation under the project RTI2018-098156-B-C52, by the Spanish Ministry of Science and Innovation under the project PID2021-123627OBC52, by the Regional Gobernment of Castilla-La Mancha under the projects SBPLY/17/180501/000353 and SBPLY/21/180501/000195, and by the Spanish Education, Culture and Sports Ministry under grant FPU 17/03105. Parts of this research are supported by “Decision of the Research Dean on research funding (20.04.2022)” and “Dean’s decision on researcher mobility grants (17.1.2022)” within the Faculty of Information Technology of University of Jyväskylä. Hannu Turtiainen also thanks the Finnish Cultural Foundation / Suomen Kulttuurirahasto (https://skr.fi/en) for supporting his Ph.D. dissertation work and research (under grant decision no. 00221059) and the Faculty of Information Technology of the University of Jyväskylä (JYU), in particular, Prof. Timo Hämäläinen, for partly supporting and supervising his Ph.D. work at JYU in 2021–2023. Guillermo Suarez-Tangil was funded by the “Ramon y Cajal” Fellowship RYC-2020-029401-I, and supported by TED2021-132900A-I00 from the Spanish Ministery of Science and Innovation. ...Lisenssi
Samankaltainen aineisto
Näytetään aineistoja, joilla on samankaltainen nimeke tai asiasanat.
-
Hardening legacy IoT-devices by retrofitting security measures
Laamanen, Jami (2019)Uusia haavoittuvuuksia löydetään jatkuvasti vanhentuneista IoT-laitteista, joiden tuki on loppunut. Tavallisesti valmistajat lopettavat tällaisten laitteiden tukemisen, vaikka ne olisivat edelleen laajasti käytössä. Tässä ... -
Insecure Firmware and Wireless Technologies as “Achilles’ Heel” in Cybersecurity of Cyber-Physical Systems
Costin, Andrei (Springer, 2022)In this chapter, we analyze cybersecurity weaknesses in three use-cases of real-world cyber-physical systems: transportation (aviation), remote explosives and robotic weapons (fireworks pyrotechnics), and physical security ... -
A View on Vulnerabilities Within IoT Devices in the Smart Home Environment
Nykänen, Annika; Costin, Andrei (Springer Nature Switzerland, 2023)The number of different devices connected to the Internet is constantly increasing. There is a high demand for these devices, and their benefits are clear for certain groups of users. Some of these devices, the Internet ... -
Attacking TrustZone on devices lacking memory protection
Stajnrod, Ron; Ben Yehuda, Raz; Zaidenberg, Nezer Jacob (Springer Science and Business Media LLC, 2022)ARM TrustZone offers a Trusted Execution Environment (TEE) embedded into the processor cores. Some vendors offer ARM modules that do not fully comply with TrustZone specifications, which may lead to vulnerabilities in the ... -
Esineiden internetin tietoturvauhkat teollisuuden yrityksissä
Räsänen, Aleksi (2018)Esineiden Internetin käyttö on ollut pitkään nousussa ja se on muokannut yhteiskuntaamme monella tavalla. Myös teollisuus on hyödyntänyt Esineiden Internetin sovelluksia monella tasolla. Haittavaikutuksina on kuitenkin ...
Ellei toisin mainittu, julkisesti saatavilla olevia JYX-metatietoja (poislukien tiivistelmät) saa vapaasti uudelleenkäyttää CC0-lisenssillä.