{"title":"研究物联网设备中与暴露和TLS生态系统相关的安全漏洞","authors":"Y. Siwakoti, D. Rawat","doi":"10.1109/IRI58017.2023.00009","DOIUrl":null,"url":null,"abstract":"The Internet of Things (IoT) is popular for its ability to perform various smart and dedicated tasks, but its popularity has also made it a prime target for cyberattacks. Unfortunately, IoT security has been given less priority compared to functionality and performance during the design and implementation stages. Two major reasons behind the weak security of IoT devices are their exposure to potential attacks and the low adoption of secure Secure Sockets Layer(SSL)/Transport Layer Security(TLS) protocols. To address these issues, this paper examines the exposure of different categories of IoT devices and services using tools like Shodan and criminal infrastructure analysis. It also investigates the state of SSL/TLS implementation in IoT infrastructure. The research provides a list of exposed services and ports that can be exploited by attackers, highlighting the significant risks. Additionally, the study reveals that the implementation of SSL/TLS in the IoT ecosystem is concerning, although there has been a slight improvement compared to the previous year.","PeriodicalId":290818,"journal":{"name":"2023 IEEE 24th International Conference on Information Reuse and Integration for Data Science (IRI)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Investigating Security Vulnerability Related to Exposure and TLS Ecosystem in IoT Devices\",\"authors\":\"Y. Siwakoti, D. Rawat\",\"doi\":\"10.1109/IRI58017.2023.00009\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Internet of Things (IoT) is popular for its ability to perform various smart and dedicated tasks, but its popularity has also made it a prime target for cyberattacks. Unfortunately, IoT security has been given less priority compared to functionality and performance during the design and implementation stages. Two major reasons behind the weak security of IoT devices are their exposure to potential attacks and the low adoption of secure Secure Sockets Layer(SSL)/Transport Layer Security(TLS) protocols. To address these issues, this paper examines the exposure of different categories of IoT devices and services using tools like Shodan and criminal infrastructure analysis. It also investigates the state of SSL/TLS implementation in IoT infrastructure. The research provides a list of exposed services and ports that can be exploited by attackers, highlighting the significant risks. Additionally, the study reveals that the implementation of SSL/TLS in the IoT ecosystem is concerning, although there has been a slight improvement compared to the previous year.\",\"PeriodicalId\":290818,\"journal\":{\"name\":\"2023 IEEE 24th International Conference on Information Reuse and Integration for Data Science (IRI)\",\"volume\":\"3 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 IEEE 24th International Conference on Information Reuse and Integration for Data Science (IRI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IRI58017.2023.00009\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE 24th International Conference on Information Reuse and Integration for Data Science (IRI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IRI58017.2023.00009","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Investigating Security Vulnerability Related to Exposure and TLS Ecosystem in IoT Devices
The Internet of Things (IoT) is popular for its ability to perform various smart and dedicated tasks, but its popularity has also made it a prime target for cyberattacks. Unfortunately, IoT security has been given less priority compared to functionality and performance during the design and implementation stages. Two major reasons behind the weak security of IoT devices are their exposure to potential attacks and the low adoption of secure Secure Sockets Layer(SSL)/Transport Layer Security(TLS) protocols. To address these issues, this paper examines the exposure of different categories of IoT devices and services using tools like Shodan and criminal infrastructure analysis. It also investigates the state of SSL/TLS implementation in IoT infrastructure. The research provides a list of exposed services and ports that can be exploited by attackers, highlighting the significant risks. Additionally, the study reveals that the implementation of SSL/TLS in the IoT ecosystem is concerning, although there has been a slight improvement compared to the previous year.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
