期刊
2019 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP 2019)
卷 -, 期 -, 页码 1362-1380出版社
IEEE COMPUTER SOC
DOI: 10.1109/SP.2019.00013
关键词
-
资金
- US Department of Commerce [2106DEK, 2106DZD]
- National Science Foundation (NSF) [2106DGX]
- Air Force Research Laboratory/Defense Advanced Research Projects Agency [2106DTX, 2106EHP]
Home-based IoT devices have a bleak reputation regarding their security practices. On the surface, the insecurities of IoT devices seem to be caused by integration problems that may be addressed by simple measures, but this work finds that to be a naive assumption. The truth is, IoT deployments, at their core, utilize traditional compute systems, such as embedded, mobile, and network. These components have many unexplored challenges such as the effect of over-privileged mobile applications on embedded devices. Our work proposes a methodology that researchers and practitioners could employ to analyze security properties for home-based IoT devices. We systematize the literature for home-based IoT using this methodology in order to understand attack techniques, mitigations, and stakeholders. Further, we evaluate 45 devices to augment the systematized literature in order to identify neglected research areas. To make this analysis transparent and easier to adapt by the community, we provide a public portal to share our evaluation data and invite the community to contribute their independent findings.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据