Egert, Rolf ; Grube, Tim ; Born, Dustin ; Mühlhäuser, Max (2019):
Modular Vulnerability Indication for the IoT in IP-based Networks.
p. 6, IEEE, IEEE Global Communications Conference (GLOBECOM'19), Waikoloa, Hawaii, 09.-13.12., ISBN 978-1-7281-0960-2,
DOI: 10.1109/GCWkshps45667.2019.9024519,
[Conference or Workshop Item]
Abstract
With the rapidly increasing number of Internet of Things (IoT) devices and their extensive integration into peoples’ daily lives, the security of those devices is of primary importance. Nonetheless, many IoT devices suffer from the absence, or the bad application, of security concepts, which leads to severe vulnerabilities in those devices. To achieve early detection of potential vulnerabilities, network scanner tools are frequently used. However, most of those tools are highly specialized; thus, multiple tools and a meaningful correlation of their results are required to obtain an adequate listing of identified network vulnerabilities. To simplify this process, we propose a modular framework for automated network reconnaissance and vulnerability indication in IP-based networks. It allows integrating a diverse set of tools as either, scanning tools or analysis tools. Moreover, the framework enables result aggregation of different modules and allows information sharing between modules facilitating the development of advanced analysis modules. Additionally, intermediate scanning and analysis data is stored, enabling a historical view of derived information and also allowing users to retrace decision-making processes. We show the framework’s modular capabilities by implementing one scanner module and three analysis modules. The automated process is then evaluated using an exemplary scenario with common IP-based IoT components.
Item Type: | Conference or Workshop Item |
---|---|
Erschienen: | 2019 |
Creators: | Egert, Rolf ; Grube, Tim ; Born, Dustin ; Mühlhäuser, Max |
Title: | Modular Vulnerability Indication for the IoT in IP-based Networks |
Language: | English |
Abstract: | With the rapidly increasing number of Internet of Things (IoT) devices and their extensive integration into peoples’ daily lives, the security of those devices is of primary importance. Nonetheless, many IoT devices suffer from the absence, or the bad application, of security concepts, which leads to severe vulnerabilities in those devices. To achieve early detection of potential vulnerabilities, network scanner tools are frequently used. However, most of those tools are highly specialized; thus, multiple tools and a meaningful correlation of their results are required to obtain an adequate listing of identified network vulnerabilities. To simplify this process, we propose a modular framework for automated network reconnaissance and vulnerability indication in IP-based networks. It allows integrating a diverse set of tools as either, scanning tools or analysis tools. Moreover, the framework enables result aggregation of different modules and allows information sharing between modules facilitating the development of advanced analysis modules. Additionally, intermediate scanning and analysis data is stored, enabling a historical view of derived information and also allowing users to retrace decision-making processes. We show the framework’s modular capabilities by implementing one scanner module and three analysis modules. The automated process is then evaluated using an exemplary scenario with common IP-based IoT components. |
Publisher: | IEEE |
ISBN: | 978-1-7281-0960-2 |
Divisions: | 20 Department of Computer Science 20 Department of Computer Science > Telecooperation |
Event Title: | IEEE Global Communications Conference (GLOBECOM'19) |
Event Location: | Waikoloa, Hawaii |
Event Dates: | 09.-13.12. |
Date Deposited: | 29 Oct 2019 12:16 |
DOI: | 10.1109/GCWkshps45667.2019.9024519 |
PPN: | |
Export: | |
Suche nach Titel in: | TUfind oder in Google |
![]() |
Send an inquiry |
Options (only for editors)
![]() |
Show editorial Details |