Comprehensive Vulnerability Detection and Malware Infection Testing Strategies for IoT Devices

IF 8.9 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS IEEE Internet of Things Journal Pub Date : 2025-02-20 DOI:10.1109/JIOT.2025.3543819

Bo-Hao Liang;Ren-Hung Hwang;Jia-You Lin;Hsiao-Hwa Chen

{"title":"Comprehensive Vulnerability Detection and Malware Infection Testing Strategies for IoT Devices","authors":"Bo-Hao Liang;Ren-Hung Hwang;Jia-You Lin;Hsiao-Hwa Chen","doi":"10.1109/JIOT.2025.3543819","DOIUrl":null,"url":null,"abstract":"With the increasing prevalence of Internet of Things (IoT) devices, security vulnerabilities and malware infections have emerged as significant risks. To address these challenges, advanced vulnerability detection tools are essential for enhancing IoT security assessments. In this study, we analyzed common vulnerabilities and evolving attack methodologies to develop improved detection techniques. Our research focuses on two key areas: 1) comprehensive vulnerability detection and 2) malware infection testing strategies. Through on-site testing and detailed analysis, we identified prevalent security flaws in IoT devices and developed a suite of tools tailored for detecting these vulnerabilities. Additionally, we discovered that some devices exhibit inherent immunity to specific malware strains, emphasizing the need for novel malware infection detection strategies. Real-world evaluations uncovered previously unknown vulnerabilities and weaknesses, revealed widespread susceptibility to DoS attacks, and demonstrated that not all devices are vulnerable to malware infections. These findings confirm the effectiveness of our approach in identifying risks and enhancing IoT security.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 12","pages":"20556-20571"},"PeriodicalIF":8.9000,"publicationDate":"2025-02-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10897811/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

With the increasing prevalence of Internet of Things (IoT) devices, security vulnerabilities and malware infections have emerged as significant risks. To address these challenges, advanced vulnerability detection tools are essential for enhancing IoT security assessments. In this study, we analyzed common vulnerabilities and evolving attack methodologies to develop improved detection techniques. Our research focuses on two key areas: 1) comprehensive vulnerability detection and 2) malware infection testing strategies. Through on-site testing and detailed analysis, we identified prevalent security flaws in IoT devices and developed a suite of tools tailored for detecting these vulnerabilities. Additionally, we discovered that some devices exhibit inherent immunity to specific malware strains, emphasizing the need for novel malware infection detection strategies. Real-world evaluations uncovered previously unknown vulnerabilities and weaknesses, revealed widespread susceptibility to DoS attacks, and demonstrated that not all devices are vulnerable to malware infections. These findings confirm the effectiveness of our approach in identifying risks and enhancing IoT security.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

物联网设备综合漏洞检测与恶意软件感染测试策略

随着物联网（IoT）设备的日益普及，安全漏洞和恶意软件感染已成为重大风险。为了应对这些挑战，先进的漏洞检测工具对于加强物联网安全评估至关重要。在本研究中，我们分析了常见的漏洞和不断发展的攻击方法，以开发改进的检测技术。我们的研究主要集中在两个关键领域：1)综合漏洞检测和2)恶意软件感染测试策略。通过现场测试和详细分析，我们确定了物联网设备中普遍存在的安全漏洞，并开发了一套专门用于检测这些漏洞的工具。此外，我们发现一些设备对特定的恶意软件菌株表现出固有的免疫力，强调需要新的恶意软件感染检测策略。真实世界的评估发现了以前未知的漏洞和弱点，揭示了对DoS攻击的普遍易感性，并证明并非所有设备都容易受到恶意软件感染。这些发现证实了我们的方法在识别风险和增强物联网安全方面的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Internet of Things Journal Computer Science-Information Systems

CiteScore

17.60

自引率

13.20%

发文量

1982

期刊介绍： The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.