{"title":"基于upnp的物联网安全概述:威胁、漏洞和未来解决方案","authors":"Golam Kayas, M. Hossain, J. Payton, S. Islam","doi":"10.1109/IEMCON51383.2020.9284885","DOIUrl":null,"url":null,"abstract":"Advances in the development and increased availability of smart devices ranging from small sensors to complex cloud infrastructures as well as various networking technologies and communication protocols have supported the rapid expansion of Internet of Things deployments. The Universal Plug and Play (UPnP) protocol has been widely accepted and used in the IoT domain to support interactions among heterogeneous IoT devices, in part due to zero configuration implementation which makes it feasible for use in large-scale networks. The popularity and ubiquity of UPnP to support IoT systems necessitate an exploration of security risks associated with the use of the protocol for IoT deployments. In this work, we analyze security vulnerabilities of UPnP-based IoT systems and identify attack opportunities by the adversaries leveraging the vulnerabilities. Finally, we propose prospective solutions to secure UPnP-based IoT systems from adversarial operations.","PeriodicalId":6871,"journal":{"name":"2020 11th IEEE Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)","volume":"97 1","pages":"0452-0460"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"An Overview of UPnP-based IoT Security: Threats, Vulnerabilities, and Prospective Solutions\",\"authors\":\"Golam Kayas, M. Hossain, J. Payton, S. Islam\",\"doi\":\"10.1109/IEMCON51383.2020.9284885\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Advances in the development and increased availability of smart devices ranging from small sensors to complex cloud infrastructures as well as various networking technologies and communication protocols have supported the rapid expansion of Internet of Things deployments. The Universal Plug and Play (UPnP) protocol has been widely accepted and used in the IoT domain to support interactions among heterogeneous IoT devices, in part due to zero configuration implementation which makes it feasible for use in large-scale networks. The popularity and ubiquity of UPnP to support IoT systems necessitate an exploration of security risks associated with the use of the protocol for IoT deployments. In this work, we analyze security vulnerabilities of UPnP-based IoT systems and identify attack opportunities by the adversaries leveraging the vulnerabilities. Finally, we propose prospective solutions to secure UPnP-based IoT systems from adversarial operations.\",\"PeriodicalId\":6871,\"journal\":{\"name\":\"2020 11th IEEE Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)\",\"volume\":\"97 1\",\"pages\":\"0452-0460\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-11-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 11th IEEE Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IEMCON51383.2020.9284885\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 11th IEEE Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IEMCON51383.2020.9284885","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Overview of UPnP-based IoT Security: Threats, Vulnerabilities, and Prospective Solutions
Advances in the development and increased availability of smart devices ranging from small sensors to complex cloud infrastructures as well as various networking technologies and communication protocols have supported the rapid expansion of Internet of Things deployments. The Universal Plug and Play (UPnP) protocol has been widely accepted and used in the IoT domain to support interactions among heterogeneous IoT devices, in part due to zero configuration implementation which makes it feasible for use in large-scale networks. The popularity and ubiquity of UPnP to support IoT systems necessitate an exploration of security risks associated with the use of the protocol for IoT deployments. In this work, we analyze security vulnerabilities of UPnP-based IoT systems and identify attack opportunities by the adversaries leveraging the vulnerabilities. Finally, we propose prospective solutions to secure UPnP-based IoT systems from adversarial operations.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
