Code Injection Attacks in Wireless-Based Internet of Things (IoT): A Comprehensive Review and Practical Implementations
Author:
Noman Haitham Ameen1, Abu-Sharkh Osama M. F.1
Affiliation:
1. Computer Engineering Department, King Abdullah II School of Engineering, Princess Sumaya University for Technology, Amman 11941, Jordan
Abstract
The Internet of Things (IoT) has transformed various domains in our lives by enabling seamless communication and data exchange between interconnected devices, necessitating robust networking infrastructure. This paper presents a comprehensive analysis of code injection attacks in IoT, focusing on the wireless domain. Code injection attacks exploit security weaknesses in applications or software and can have severe consequences, such as data breaches, financial losses, and denial of service. This paper discusses vulnerabilities in IoT systems and examines how wireless frames in state-of-the-art wireless technologies, which serve IoT applications, are exposed to such attacks. To demonstrate the severity of these threats, we introduce a comprehensive framework illustrating code injection attacks in the wireless domain. Several code injection attacks are performed on Wireless Fidelity (Wi-Fi) devices operating on an embedded system commonly used in IoT applications. Our proof of concept reveals that the victims’ devices become further exposed to a full range of cyber-attacks following a successful severe code injection attack. We also demonstrate three scenarios where malicious codes had been detected inside the firmware of wireless devices used in IoT applications by performing reverse engineering techniques. Criticality analysis is conducted for the implemented and demonstrated attacks using Intrusion Modes and Criticality Analysis (IMECA). By understanding the vulnerabilities and potential consequences of code injection attacks on IoT networks and devices, researchers and practitioners can develop more secure IoT systems and better protect against these emerging threats.
Subject
Electrical and Electronic Engineering,Biochemistry,Instrumentation,Atomic and Molecular Physics, and Optics,Analytical Chemistry
Reference153 articles.
1. Hassan, R., Qamar, F., Hasan, M.K., Aman, A.H., and Ahmed, A.S. (2020). Internet of things and its applications: A comprehensive survey. Symmetry, 12. 2. Majid, M., Habib, S., Javed, A.R., Rizwan, M., Srivastava, G., Gadekallu, T.R., and Lin, J.C.-W. (2022). Applications of wireless sensor networks and internet of things frameworks in the industry revolution 4.0: A systematic literature review. Sensors, 22. 3. Ménard, A. (2023, June 10). How Can We Recognize the Real Power of the Internet of Things?. Available online: https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/how-can-we-recognize-the-real-power-of-the-internet-of-things. 4. Pau, G., Chaudet, C., Zhao, D., and Collotta, M. (2018). Next Generation Wireless Technologies for Internet of Things. Sensors, 18. 5. Mollah, M.B., Zeadally, S., and Azad, M.A. (2020). Encyclopedia of Wireless Networks, Springer.
Cited by
9 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
|
|