Mohamed Amine Khelif, J. Lorandel, O. Romain, Matthieu Regnery, Denis Baheux
{"title":"用于识别物联网设备漏洞的多功能MitM模拟器,研究案例:智能手机","authors":"Mohamed Amine Khelif, J. Lorandel, O. Romain, Matthieu Regnery, Denis Baheux","doi":"10.1145/3341325.3342019","DOIUrl":null,"url":null,"abstract":"With the emergence of Internet of Things (IoT) and the proliferation of communicating objects, new security issues appear. These devices store a significant amount of personal and sensitive data that must be strongly protected. In most of the case, they are more protected against communication attacks than hardware attacks. Smartphones, as the most popular connected object, represent the perfect example of study for a hardware attack on PCIe data bus. In this paper, we present an emulator of Man-in-the-Middle (MitM) attack for vulnerabilities identification in IoT devices. The proposed architecture performs a real-time data analysis, extraction and fault injection. The invisibility of MitM attack represent the main challenge of the implementation, that could be done by respecting the highly constraining requirements of the PCIe protocol such as response time, frequency and throughput.","PeriodicalId":178126,"journal":{"name":"Proceedings of the 3rd International Conference on Future Networks and Distributed Systems","volume":"146 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"A Versatile Emulator of MitM for the identification of vulnerabilities of IoT devices, a case of study: smartphones\",\"authors\":\"Mohamed Amine Khelif, J. Lorandel, O. Romain, Matthieu Regnery, Denis Baheux\",\"doi\":\"10.1145/3341325.3342019\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the emergence of Internet of Things (IoT) and the proliferation of communicating objects, new security issues appear. These devices store a significant amount of personal and sensitive data that must be strongly protected. In most of the case, they are more protected against communication attacks than hardware attacks. Smartphones, as the most popular connected object, represent the perfect example of study for a hardware attack on PCIe data bus. In this paper, we present an emulator of Man-in-the-Middle (MitM) attack for vulnerabilities identification in IoT devices. The proposed architecture performs a real-time data analysis, extraction and fault injection. The invisibility of MitM attack represent the main challenge of the implementation, that could be done by respecting the highly constraining requirements of the PCIe protocol such as response time, frequency and throughput.\",\"PeriodicalId\":178126,\"journal\":{\"name\":\"Proceedings of the 3rd International Conference on Future Networks and Distributed Systems\",\"volume\":\"146 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 3rd International Conference on Future Networks and Distributed Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3341325.3342019\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 3rd International Conference on Future Networks and Distributed Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3341325.3342019","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Versatile Emulator of MitM for the identification of vulnerabilities of IoT devices, a case of study: smartphones
With the emergence of Internet of Things (IoT) and the proliferation of communicating objects, new security issues appear. These devices store a significant amount of personal and sensitive data that must be strongly protected. In most of the case, they are more protected against communication attacks than hardware attacks. Smartphones, as the most popular connected object, represent the perfect example of study for a hardware attack on PCIe data bus. In this paper, we present an emulator of Man-in-the-Middle (MitM) attack for vulnerabilities identification in IoT devices. The proposed architecture performs a real-time data analysis, extraction and fault injection. The invisibility of MitM attack represent the main challenge of the implementation, that could be done by respecting the highly constraining requirements of the PCIe protocol such as response time, frequency and throughput.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
