Internet of Things Security

Abstract

The Internet of Things (IoT) is an emerging phenomenon where different kinds of devices that were previously not networked are being connected to networks. Examples include network connected thermostats, light bulbs, and door locks.

These newly networked devices present additional attack surfaces, and due to the ad hoc nature of their implementations, many do not follow current security best practices. We assessed the security of several currently available IoT devices targeted at consumers.

We considered all user-facing interfaces and all networking components to be in scope of our investigation, and evaluated the devices for common security vulnerabilities. All of the devices we investigated had numerous exploitable security flaws.

We discuss in detail the vulnerabilities and the processes used to discover them.

Download whitepaper

 

Prepared by

Brian Belleville (bbellevi@uci.edu)
Patrick Biernat (biernp@rpi.edu)
Adam Cotenoff (acotenoff@isecpartners.com)
Kevin Hock (kevin.hock@stonybrook.edu)
Tanner Prynn (tannerprynn+iot@gmail.com)
Sivaranjani Sankaralingam (sivarans@andrew.cmu.edu)
Terry Sun (terrynsun@gmail.com)
Daniel Mayer (daniel@matasano.com, Manager)

Call us before you need us.

Our experts will help you.

Get in touch
%d