Exploitation Techniques of IoST Vulnerabilities in Air-Gapped Networks and Security Measures—A Systematic Review

Signals Pub Date : 2023-10-13 DOI:10.3390/signals4040038
Razi Hamada, Ievgeniia Kuzminykh
{"title":"Exploitation Techniques of IoST Vulnerabilities in Air-Gapped Networks and Security Measures—A Systematic Review","authors":"Razi Hamada, Ievgeniia Kuzminykh","doi":"10.3390/signals4040038","DOIUrl":null,"url":null,"abstract":"IP cameras and digital video recorders, as part of the Internet of Surveillance Things (IoST) technology, can sometimes allow unauthenticated access to the video feed or management dashboard. These vulnerabilities may result from weak APIs, misconfigurations, or hidden firmware backdoors. What is particularly concerning is that these vulnerabilities can stay unnoticed for extended periods, spanning weeks, months, or even years, until a malicious attacker decides to exploit them. The response actions in case of identifying the vulnerability, such as updating software and firmware for millions of IoST devices, might be challenging and time-consuming. Implementing an air-gapped video surveillance network, which is isolated from the internet and external access, can reduce the cybersecurity threats associated with internet-connected IoST devices. However, such networks can also be susceptible to other threats and attacks, which need to be explored and analyzed. In this work, we perform a systematic literature review on the current state of research and use cases related to compromising and protecting cameras in logical and physical air-gapped networks. We provide a network diagram for each mode of exploitation, discuss the vulnerabilities that could result in a successful attack, demonstrate the potential impacts on organizations in the event of IoST compromise, and outline the security measures and mechanisms that can be deployed to mitigate these security risks.","PeriodicalId":93815,"journal":{"name":"Signals","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-10-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Signals","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3390/signals4040038","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

IP cameras and digital video recorders, as part of the Internet of Surveillance Things (IoST) technology, can sometimes allow unauthenticated access to the video feed or management dashboard. These vulnerabilities may result from weak APIs, misconfigurations, or hidden firmware backdoors. What is particularly concerning is that these vulnerabilities can stay unnoticed for extended periods, spanning weeks, months, or even years, until a malicious attacker decides to exploit them. The response actions in case of identifying the vulnerability, such as updating software and firmware for millions of IoST devices, might be challenging and time-consuming. Implementing an air-gapped video surveillance network, which is isolated from the internet and external access, can reduce the cybersecurity threats associated with internet-connected IoST devices. However, such networks can also be susceptible to other threats and attacks, which need to be explored and analyzed. In this work, we perform a systematic literature review on the current state of research and use cases related to compromising and protecting cameras in logical and physical air-gapped networks. We provide a network diagram for each mode of exploitation, discuss the vulnerabilities that could result in a successful attack, demonstrate the potential impacts on organizations in the event of IoST compromise, and outline the security measures and mechanisms that can be deployed to mitigate these security risks.
气隙网络中IoST漏洞的利用技术及安全措施综述
IP摄像机和数字视频录像机,作为物联网监控(IoST)技术的一部分,有时可能允许未经身份验证的访问视频馈送或管理仪表板。这些漏洞可能是由弱api、错误配置或隐藏的固件后门造成的。特别值得关注的是,这些漏洞可能会在很长一段时间内(几周、几个月甚至几年)不被注意,直到恶意攻击者决定利用它们。识别漏洞时的响应操作(例如为数百万台IoST设备更新软件和固件)可能既具有挑战性又耗时。实施气隙视频监控网络,与互联网和外部访问隔离,可以减少与互联网连接的IoST设备相关的网络安全威胁。然而,这样的网络也容易受到其他威胁和攻击的影响,需要对其进行探索和分析。在这项工作中,我们对逻辑和物理气隙网络中与妥协和保护摄像机相关的研究现状和用例进行了系统的文献综述。我们提供了每种利用模式的网络图,讨论了可能导致成功攻击的漏洞,展示了在IoST妥协事件中对组织的潜在影响,并概述了可以部署以减轻这些安全风险的安全措施和机制。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
3.20
自引率
0.00%
发文量
0
审稿时长
11 weeks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信