Abstract
The security of the Internet of Things (IoT) is an important yet often overlooked subject. Specifically, the publicly available information sources about vulnerabilities affecting the connected devices are unsatisfactory. Our research shows that, while the information is available on the Internet, there is no single service offering data focused on the IoT in existence. The national vulnerability databases contain some IoT related entries, but they lack mechanisms to distinguish them from the remaining vulnerabilities. Moreover, information about many vulnerabilities affecting the IoT world never reaches these databases but can still be found scattered over the Internet. This review summarizes our effort at identifying and evaluating publicly available sources of information about vulnerabilities, focusing on their usefulness in the scope of IoT. The results of our search show that there is not yet a single satisfactory source covering vulnerabilities affecting IoT devices and software available.
Subject
Electrical and Electronic Engineering,Biochemistry,Instrumentation,Atomic and Molecular Physics, and Optics,Analytical Chemistry
Reference73 articles.
1. Demystifying IoT Security: An Exhaustive Survey on IoT Vulnerabilities and a First Empirical Look on Internet-Scale IoT Exploitations
2. IoT Elements, Layered Architectures and Security Issues: A Comprehensive Survey
3. IoT Security Foundation Understanding the Contemporary Use of Vulnerability Disclosure in Consumer Internet of Things Product Companies
https://www.iotsecurityfoundation.org/wp-content/uploads/2018/11/Vulnerability-Disclosure-Design-v4.pdf
4. Multiple Vulnerabilities in the Online Services of (GPS) Location Tracking Devices
https://0x0.li/trackmageddon/
Cited by
23 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Transferability of Machine Learning Algorithm for IoT Device Profiling and Identification;IEEE Internet of Things Journal;2024-01-15
2. Blockchain-based Architecture to Enhance Security in Distributed Measurement Systems;2023 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE);2023-12-04
3. Leveraging Oversampling Techniques in Machine Learning Models for Multi-class Malware Detection in Smart Home Applications;2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom);2023-11-01
4. IoTAEG: Automatic Exploit Generation of IoT Devices;2023 4th International Conference on Computer Engineering and Intelligent Control (ICCEIC);2023-10-20
5. On Standards for Wireless Sensor Networks in the Application of Structural Health Monitoring;2023 Congress in Computer Science, Computer Engineering, & Applied Computing (CSCE);2023-07-24