Understanding IoT Security from a Market-Scale Perspective
Paper Details
- Title: Understanding IoT Security from a Market-Scale Perspective
- Authors: Xin Jin, Sunil Manandhar, Kaushal Kafle, Zhiqiang Lin, Adwait Nadkarni
- Publication/Conference: Proceedings of the 29th ACM Conference on Computer and Communications Security (CCS)
- Date of Publication/Presentation: November 2022
Abstract
Internet of Things (IoT) products and services, which can sense and modify private user environments, are ubiquitous. To ensure security, an awareness of products on the market is critical.
Researchers developed a framework called IoTSpotter, which constructs a market-scale snapshot of mobile-IoT apps that interact with IoT devices.
The study identified 37,783 mobile-IoT apps from Google Play and performed three major security analyses. They explored:
- Cryptographic implementations.
- Library usage.
- App signatures.
Researchers demonstrated the prevalence of critical vulnerabilities in mobile-IoT apps and their serious impact on IoT security and privacy. This showed the need to focus on mobile-IoT apps that are contextualized to IoT and to develop framework, techniques, data, and artifacts that enable large-scale IoT security.