SIoTFuzzer: Fuzzing Web Interface in IoT Firmware via Stateful Message Generation

Hangwei Zhang; Kai Lu; Xu Zhou; Qidi Yin; Pengfei Wang; Tai Yue

doi:10.3390/app11073120

SIoTFuzzer: Fuzzing Web Interface in IoT Firmware via Stateful Message Generation

Applied Sciences ◽

10.3390/app11073120 ◽

2021 ◽

Vol 11 (7) ◽

pp. 3120

Author(s):

Hangwei Zhang ◽

Kai Lu ◽

Xu Zhou ◽

Qidi Yin ◽

Pengfei Wang ◽

...

Keyword(s):

Cyber Attacks ◽

Test Case ◽

Detection Mechanism ◽

Web Interfaces ◽

Ip Camera ◽

Valid Test ◽

Iot Devices ◽

Status Analysis ◽

Web Management ◽

The Web

Cyber attacks against the web management interface of Internet of Things (IoT) devices often have serious consequences. Current research uses fuzzing technologies to test the web interfaces of IoT devices. These IoT fuzzers generate messages (a test case sent from the client to the server to test its functionality) without considering their dependency, which is unlikely to bypass the early check of the server. These invalid test cases significantly reduce the efficiency of fuzzing. To overcome this problem, we propose a stateful message generation (SMG) mechanism for IoT web fuzzing. SMG addresses two problems in IoT fuzzing. First, we retrieve the message dependency by using web front-end analysis and status analysis. These dependent messages, which can easily bypass the server check, are used as a valid seed. Second, we adopt a multi-message seed format to preserve the dependency of the messages when mutating the seed to get a valid test case, so that the test case can bypass the state check of the server to make a valid test. Message dependency preservation is implemented by our proposed parameter mutation and structural mutation methods. We implement SMG in our IoT fuzzer, SIoTFuzzer, which applies IoT firmware on the latest Linux-based simulation tool, FirmAE. We test nine IoT devices including a router and an IP camera and adopt a vulnerability detection mechanism. Our evaluation results show that (1) SIoTFuzzer is capable of finding real-world vulnerabilities in IoT devices; (2) our SMG is effective as it enables Boofuzz (a popular protocol fuzzer) to find command injection and cross-site scripting (XSS) vulnerabilities; and (3) compared to FirmFuzz, SIoTFuzzer found all the vulnerabilities in our benchmarks, while FirmFuzz found only four—the efficiency of our tool increased by 20.57% on average.

Download Full-text

FirmHunter: State-Aware and Introspection-Driven Grey-Box Fuzzing towards IoT Firmware

Applied Sciences ◽

10.3390/app11199094 ◽

2021 ◽

Vol 11 (19) ◽

pp. 9094

Author(s):

Qidi Yin ◽

Xu Zhou ◽

Hangwei Zhang

Keyword(s):

Web Application ◽

State Of The Art ◽

Test Cases ◽

Security Testing ◽

Iot Security ◽

Web Interfaces ◽

Ip Camera ◽

Vulnerability Discovery ◽

Iot Devices ◽

The Web

IoT devices are exponentially increasing in all aspects of our lives. Via the web interfaces of IoT devices, attackers can control IoT devices by exploiting their vulnerabilities. In order to guarantee IoT security, testing these IoT devices to detect vulnerabilities is very important. In this work, we present FirmHunter, an automated state-aware and introspection-driven grey-box fuzzer towards Linux-based firmware images on the basis of emulation. It employs a message-state queue to overcome the dependency problem in test cases. Furthermore, it implements a scheduler collecting execution information from system introspection to drive fuzzing towards more interesting test cases, which speeds up vulnerability discovery. We evaluate FirmHunter by emulating and fuzzing eight firmware images including seven routers and one IP camera with a state-of-the-art IoT fuzzer FirmFuzz and a web application scanner ZAP. Our evaluation results show that (1) the message-state queue enables FirmHunter to parse the dependencies in test cases and find real-world vulnerabilities that other fuzzers cannot detect; (2) our scheduler accelerates the discovery of vulnerabilities by an average of 42%; and (3) FirmHunter is able to find unknown vulnerabilities.

Download Full-text

Discovering Vulnerabilities in COTS IoT Devices through Blackbox Fuzzing Web Management Interface

Security and Communication Networks ◽

10.1155/2019/5076324 ◽

2019 ◽

Vol 2019 ◽

pp. 1-19 ◽

Cited By ~ 3

Author(s):

Dong Wang ◽

Xiaosong Zhang ◽

Ting Chen ◽

Jingwei Li

Keyword(s):

Early Stage ◽

Experimental Results ◽

Brute Force ◽

Web Interface ◽

Novel Approach ◽

Commercial Off The Shelf ◽

Initial Seed ◽

Iot Devices ◽

Web Management ◽

The Web

A novel approach for discovering vulnerability in commercial off-the-shelf (COTS) IoT devices is proposed in this paper, which will revolutionize the area. Unlike previous work, the web management interface in IoT was used to detect vulnerabilities by leveraging fuzzing technology. To validate and evaluate this scheme, a tool named WMIFuzzer was designed and implemented. There were also two challenges: (1) due to the diversity of web interface implementations, there were no existing seed messages for fuzzing this interface and it was inefficient while taking random messages to launch the fuzzing and (2) because of the highly structured seed message, fuzzing with byte-level mutation could conduce to be rejected by the device at an early stage. To address these challenges, a brute-force UI automation was designed to drive the web interface to generate initial seed messages automatically, as well as a weighted message parse tree (WMPT) was proposed to guide the mutation to generate mostly structure-valid messages. The extensive experimental results show that WMIFuzzer could achieve expected result while 10 vulnerabilities including 6 zero-days in 7 COTS IoT devices were discovered.

Download Full-text

A Cloud Architecture for Managing IoT-aware Applications According to Knowledge Processing Rules

Journal of Communications Software and Systems ◽

10.24138/jcomss.v12i1.90 ◽

2016 ◽

Vol 12 (1) ◽

pp. 45 ◽

Cited By ~ 1

Author(s):

Luca Mainetti ◽

Luigi Manco ◽

Luigi Patrono ◽

Roberto Vergallo

Keyword(s):

Actual State ◽

Knowledge Processing ◽

Smart Object ◽

Web Interfaces ◽

Web Resource ◽

Iot Devices ◽

State Of The Environment ◽

To Receive ◽

The Internet Of Things ◽

The Web

The Web of Things paradigm has represented a shift in the conjunction of the Internet of Things (IoT) with people, as it allows treating a smart object as a Web resource. While in a first phase the challenge was the physically management of smart objects, the current demand is to help users in profitably introducing IoT in their own daily life.The paper presents a software architecture for IoT systems able to manage the behaviour of involved IoT entities basing on knowledge processing tools. The main goal is informing the user of the occurrence of events of interest semantically determined starting from actual state of the environment. The architecture exploits the potentialities of the Web of Topics (WoX) approach, a conceptual model that simplifies the designing of IoT applications. Leveraging the WoX approach, the architecture introduces an innovative way to mine knowledge from IoT devices aside from any technological background, so that facing the intrinsic heterogeneity affecting IoT entities. The discussed architecture is composed by different modules integrated into an Enterprise Service Bus (ESB), strongly decoupled and provided with RESTful-compliant web interfaces to communicate each other and with the external environment, according to a SOA structure. The paper shows how the system is able to receive data coming from sensors and to semantically interpret them by means of a series of business rules that act as knowledge processor.

Download Full-text

State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things

Sensors ◽

10.3390/s21051598 ◽

2021 ◽

Vol 21 (5) ◽

pp. 1598

Author(s):

Sigurd Frej Joel Jørgensen Ankergård ◽

Edlira Dushku ◽

Nicola Dragoni

Keyword(s):

Internet Of Things ◽

Smart Cities ◽

Cyber Attacks ◽

Resource Constrained ◽

Remote Attestation ◽

Comprehensive Overview ◽

Research Issues ◽

Advantages And Disadvantages ◽

Iot Devices ◽

Specialized Hardware

The Internet of Things (IoT) ecosystem comprises billions of heterogeneous Internet-connected devices which are revolutionizing many domains, such as healthcare, transportation, smart cities, to mention only a few. Along with the unprecedented new opportunities, the IoT revolution is creating an enormous attack surface for potential sophisticated cyber attacks. In this context, Remote Attestation (RA) has gained wide interest as an important security technique to remotely detect adversarial presence and assure the legitimate state of an IoT device. While many RA approaches proposed in the literature make different assumptions regarding the architecture of IoT devices and adversary capabilities, most typical RA schemes rely on minimal Root of Trust by leveraging hardware that guarantees code and memory isolation. However, the presence of a specialized hardware is not always a realistic assumption, for instance, in the context of legacy IoT devices and resource-constrained IoT devices. In this paper, we survey and analyze existing software-based RA schemes (i.e., RA schemes not relying on specialized hardware components) through the lens of IoT. In particular, we provide a comprehensive overview of their design characteristics and security capabilities, analyzing their advantages and disadvantages. Finally, we discuss the opportunities that these RA schemes bring in attesting legacy and resource-constrained IoT devices, along with open research issues.

Download Full-text

The BenToWeb Test Case Suites for the Web Content Accessibility Guidelines (WCAG) 2.0

Lecture Notes in Computer Science - Computers Helping People with Special Needs ◽

10.1007/978-3-540-70540-6_58 ◽

2008 ◽

pp. 402-409 ◽

Cited By ~ 1

Author(s):

Christophe Strobbe ◽

Johannes Koch ◽

Evangelos Vlachogiannis ◽

Reinhard Ruemer ◽

Carlos A. Velasco ◽

...

Keyword(s):

Test Case ◽

Web Content ◽

Wcag 2.0 ◽

Accessibility Guidelines ◽

Content Accessibility ◽

The Web

Download Full-text

Security Vulnerabilities, Threats, and Attacks in IoT and Big Data

Security, Privacy, and Forensics Issues in Big Data - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-9742-1.ch006 ◽

2020 ◽

pp. 141-167

Author(s):

Prabha Selvaraj ◽

Sumathi Doraikannan ◽

Vijay Kumar Burugari

Keyword(s):

Big Data ◽

Case Studies ◽

Big Data Analytics ◽

Cloud Services ◽

Web Interface ◽

Security Vulnerabilities ◽

New Techniques ◽

Iot Security ◽

Web Interfaces ◽

The Web

Big data and IoT has its impact on various areas like science, health, engineering, medicine, finance, business, and mainly, the society. Due to the growth in security intelligence, there is a requirement for new techniques which need big data and big data analytics. IoT security does not alone deal with the security of the device, but it also has to care about the web interfaces, cloud services, and other devices that interact with it. There are many techniques used for addressing challenges like privacy of individuals, inference, and aggregation, which makes it possible to re-identify individuals' even though they are removed from a dataset. It is understood that a few security vulnerabilities could lead to insecure web interface. This chapter discusses the challenges in security and how big data can be used for it. It also analyzes the various attacks and threat modeling in detail. Two case studies in two different areas are also discussed.

Download Full-text

Building Trust in E-Commerce through Web Interface

Web Technologies ◽

10.4018/978-1-60566-982-3.ch065 ◽

2011 ◽

pp. 1195-1205

Author(s):

Muneesh Kumar ◽

Mamta Sareen

Keyword(s):

Economic Development ◽

Human Development ◽

Global Level ◽

Web Interface ◽

Web Interfaces ◽

Number Of Factors ◽

Online Trading ◽

The Impact ◽

Seller Relationship ◽

The Web

The emergence of Internet has revolutionalized the way businesses are conducted. The impact of e-commerce is pervasive, both on companies and society as a whole. It has the potential to impact the pace of economic development and in turn influence the process of human development at the global level. However, the growth in e-commerce is being impaired by the issue of trust in the buyer-seller relationship which is arising due to the virtual nature of e-commerce environment. The online trading environment is constrained by a number of factors including web interface that in turn influences user experience. This article identifies various dimensions of web interface that have the potential to influence trust in e-commerce. The empirical evidence presented in the article is based on a survey of the web interfaces of 65 Indian e-Marketplaces.

Download Full-text

Towards Near-Real-Time Intrusion Detection for IoT Devices using Supervised Learning and Apache Spark

Electronics ◽

10.3390/electronics9030444 ◽

2020 ◽

Vol 9 (3) ◽

pp. 444 ◽

Cited By ~ 1

Author(s):

Valerio Morfino ◽

Salvatore Rampone

Keyword(s):

Machine Learning ◽

Random Forest ◽

Learning Algorithms ◽

Hybrid Approach ◽

Cyber Attacks ◽

Machine Learning Algorithms ◽

Apache Spark ◽

Identification Accuracy ◽

Supervised Machine Learning ◽

Iot Devices

In the fields of Internet of Things (IoT) infrastructures, attack and anomaly detection are rising concerns. With the increased use of IoT infrastructure in every domain, threats and attacks in these infrastructures are also growing proportionally. In this paper the performances of several machine learning algorithms in identifying cyber-attacks (namely SYN-DOS attacks) to IoT systems are compared both in terms of application performances, and in training/application times. We use supervised machine learning algorithms included in the MLlib library of Apache Spark, a fast and general engine for big data processing. We show the implementation details and the performance of those algorithms on public datasets using a training set of up to 2 million instances. We adopt a Cloud environment, emphasizing the importance of the scalability and of the elasticity of use. Results show that all the Spark algorithms used result in a very good identification accuracy (>99%). Overall, one of them, Random Forest, achieves an accuracy of 1. We also report a very short training time (23.22 sec for Decision Tree with 2 million rows). The experiments also show a very low application time (0.13 sec for over than 600,000 instances for Random Forest) using Apache Spark in the Cloud. Furthermore, the explicit model generated by Random Forest is very easy-to-implement using high- or low-level programming languages. In light of the results obtained, both in terms of computation times and identification performance, a hybrid approach for the detection of SYN-DOS cyber-attacks on IoT devices is proposed: the application of an explicit Random Forest model, implemented directly on the IoT device, along with a second level analysis (training) performed in the Cloud.

Download Full-text

Use of telephone and web interfaces of interactive response technology at clinical investigator sites in clinical trials

Clinical Trials ◽

10.1177/1740774519832329 ◽

2019 ◽

Vol 16 (3) ◽

pp. 297-305

Author(s):

Anna-Leena Saarela ◽

Anja Walzer ◽

Anne Mari Juppo

Keyword(s):

Clinical Trials ◽

Online Survey ◽

Service Providers ◽

Focal Point ◽

Interactive Voice Response ◽

End Users ◽

Web Interface ◽

Web Interfaces ◽

Clinical Investigator ◽

The Web

Background Interactive response technologies are used in clinical trials to provide services such as automated randomization and medication logistics management. The objective of this article is to investigate the usage of telephone (Interactive Voice Response) and web (Interactive Web Response) interfaces of interactive response technologies at clinical investigator sites in clinical trials, to obtain information about the preferences of interactive response technology end users between the telephone and web interfaces, and to explore the relevance of the telephone interface in this setting. Methods The data consist of an online survey conducted in spring 2016 with clinical investigators, study nurses, and pharmacists in 13 countries. Results Ninety-eight percent of survey respondents preferred the web interface over the telephone interface, the most important reason being superior usability. However, the respondents indicated the usability of interactive response technology interfaces is not optimal, and lack of integration and consistency across systems is common. A vast majority of interactive response technology end users at clinical sites prefer to use the web interface over the telephone interface, but most also feel there would need to be a back-up system. Conclusions Based on the results, it would be beneficial to improve the usability of the interactive response technology interfaces, and to increase consistency across systems from the current level. Support to and training of the users, as well as clarifying the responsibilities between sites and the sponsor should also be a focal point. Study sponsors should explore with interactive response technology service providers how removing the telephone interface would impact future studies, and whether there could be a more efficient means to achieve a reliable back-up to the web interface instead of a dedicated telephone interface.

Download Full-text

Developing Online Learning Portals in Low Bandwidth Communities

Encyclopedia of Portal Technologies and Applications ◽

10.4018/978-1-59140-989-2.ch040 ◽

2011 ◽

pp. 228-234

Author(s):

Mae van der Merwe ◽

Lorna Uden

Keyword(s):

Relevant Information ◽

Learning Processes ◽

Web Based ◽

Web Interfaces ◽

Front End ◽

Present Information ◽

The World ◽

The University ◽

The Web

University portals are emerging all over the world. Portals have been perceived by many people as the technologies that are designed to enhance work and learning processes at university by making workflows simpler and information more readily available in a form in which it can be processed (Franklin, 2004). There are many benefits for having a portal in a university. First, the portal makes it easy for people to find university information targeted specifically at them. Instead of the user searching the Web for information, a person identifies himself or herself to the portal, and the portal brings all relevant information to that person. Secondly, the portal uses a single consistent Web-based front end to present information from a variety of back-end data sources. Although information about people is stored in many different databases at a university, the role of a portal is to put a consistent face to this information so that visitors do not have to deal with dozens of different Web interfaces to get their information. Usability is an important issue when designing the university portal. Principles from human computer interaction must be included in the design of portals.

Download Full-text