{"title":"A Lightweight Vulnerability Mitigation Framework for IoT Devices","authors":"Noy Hadar, Shachar Siboni, Y. Elovici","doi":"10.1145/3139937.3139944","DOIUrl":null,"url":null,"abstract":"Many of today's Internet of Things (IoT) devices are vulnerable due to the large amount of overhead incurred when their operating systems are patched against emerging vulnerabilities. In addition, legacy IoT devices are no longer supported by their manufacturers, leaving customers with unpatched devices that can be easily exploited by attackers. Thus, there is an urgent need for a solution that provides a lightweight and low-cost mechanism for preventing exploitation of vulnerable IoT devices. In this paper, we propose an innovative cloud-based framework for protecting IoT devices. The proposed framework consists of a cloud service and a designated IoT security appliance. The security appliance controls the network traffic flowing to and from the vulnerable device and verifies that it does not violate a set of rules, represented by a vulnerability mitigation policy, that have been derived and synthesized by the cloud service from public corpora of Common Vulnerabilities and Exposures (CVE). We demonstrate how the proposed solution can be applied as a cost-effective solution capable of preventing exploitation of vulnerable IP cameras as part of a prominent botnet attack called Mirai.","PeriodicalId":129651,"journal":{"name":"Proceedings of the 2017 Workshop on Internet of Things Security and Privacy","volume":"89 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"27","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2017 Workshop on Internet of Things Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3139937.3139944","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 27
Abstract
Many of today's Internet of Things (IoT) devices are vulnerable due to the large amount of overhead incurred when their operating systems are patched against emerging vulnerabilities. In addition, legacy IoT devices are no longer supported by their manufacturers, leaving customers with unpatched devices that can be easily exploited by attackers. Thus, there is an urgent need for a solution that provides a lightweight and low-cost mechanism for preventing exploitation of vulnerable IoT devices. In this paper, we propose an innovative cloud-based framework for protecting IoT devices. The proposed framework consists of a cloud service and a designated IoT security appliance. The security appliance controls the network traffic flowing to and from the vulnerable device and verifies that it does not violate a set of rules, represented by a vulnerability mitigation policy, that have been derived and synthesized by the cloud service from public corpora of Common Vulnerabilities and Exposures (CVE). We demonstrate how the proposed solution can be applied as a cost-effective solution capable of preventing exploitation of vulnerable IP cameras as part of a prominent botnet attack called Mirai.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
