通信学报 ›› 2021, Vol. 42 ›› Issue (8): 188-205.doi: 10.11959/j.issn.1000-436x.2021124
杨毅宇1, 周威1, 赵尚儒1, 刘聪2, 张宇辉3, 王鹤3, 王文杰1, 张玉清1,2,3,4
修回日期:
2021-04-14
出版日期:
2021-08-25
发布日期:
2021-08-01
作者简介:
杨毅宇(1987- ),男,云南大理人,中国科学院大学博士生,主要研究方向为网络与系统安全基金资助:
Yiyu YANG1, Wei ZHOU1, Shangru ZHAO1, Cong LIU2, Yuhui ZHANG3, He WANG3, Wenjie WANG1, Yuqing ZHANG1,2,3,4
Revised:
2021-04-14
Online:
2021-08-25
Published:
2021-08-01
Supported by:
摘要:
基于近5年网安国际会议(ACM CCS、USENIX Security、NDSS、IEEE S&P)中发表的物联网安全文献,以及其他部分高水平研究工作,从威胁、检测、防御的视角对物联网安全研究工作进行了系统的整理和分析。首先,介绍了物联网系统的基本架构。然后,将当前研究中提出的主要威胁分为8种类型,并分析了威胁的成因和危害。之后,介绍了针对这些威胁所提出的6种威胁检测和5种防御方案,并对比了它们的技术原理和优缺点。最后,提出了当前研究依然面临的主要挑战,并指出了未来研究发展的方向。
中图分类号:
杨毅宇, 周威, 赵尚儒, 刘聪, 张宇辉, 王鹤, 王文杰, 张玉清. 物联网安全研究综述:威胁、检测与防御[J]. 通信学报, 2021, 42(8): 188-205.
Yiyu YANG, Wei ZHOU, Shangru ZHAO, Cong LIU, Yuhui ZHANG, He WANG, Wenjie WANG, Yuqing ZHANG. Survey of IoT security research: threats, detection and defense[J]. Journal on Communications, 2021, 42(8): 188-205.
表1
各类安全威胁的漏洞成因和主要危害"
威胁类型 | 漏洞成因 | 主要危害 | 文献 | 文献数量/篇 |
云平台访问控制缺陷 | 授权粒度过粗,授权标准不对称 | 越权控制、事件窃听、隐私泄露 | 文献[ | 4 |
云平台恶意应用 | 恶意用户上传应用,应用审核机制不完善 | 隐私泄露、非法控制 | 文献[ | 8 |
云平台实体和应用交互漏洞 | 实体和应用交互复杂,执行冲突难以检测 | 设备劫持、拒绝服务、隐私泄露 | 文献[ | 5 |
通信协议漏洞 | 协议缺乏内建安全机制,厂商忽略安全因素 | 拒绝服务、设备劫持、重放攻击、隐私泄露 | 文献[ | 9 |
通信流量侧信道信息泄露 | 物联网通信流量具有突出特征 | 隐私泄露 | 文献[ | 6 |
设备固件漏洞 | 有限的计算和存储资源,缺乏有效检测工具,缺乏内存和权限管理 | 系统崩溃、保护绕过、恶意命令、隐私泄露 | 文献[ | 8 |
基于语音信道的攻击 | 藏匿在语音信道中的命令 | 越权控制、隐私泄露 | 文献[ | 6 |
基于物联网设备的僵尸网络 | 设备规模庞大,设备漏洞广泛存在 | 大规模拒绝服务、恶意软件分发 | 文献[ | 3 |
表2
侧信道攻击方法对比"
文献 | 采用特征 | 识别方法 | 攻击效果 |
文献[ | Wi-Fi信号强度 | Wi-Fi多路信号传播波动模型 | ① |
文献[ | 端口号、负载大小、TCP窗口值等 | CNN(convolutional neural network)+RNN(recurrent neural network) | ①② |
文献[ | DNS查询目标、NTP请求数、SSL/TLS加密套件 | 朴素贝叶斯多项式分类和随机森林 | ①② |
文献[ | 方向、包长、发包时间间隔平均值和标准差 | 随机森林、DBSCAN(density-based spatial clustering of applications with noise) | ①②③④ |
文献[ | 包长平均值和方差、时间间隔平均值、tsfresh和特征工程提取的特征 | k近邻、随机森林、隐式马尔可夫模型 | ①②③④⑤ |
文献[ | 方向和包长 | DBSCAN | ①②③④⑤ |
注:①判断设备/目标存在,②识别设备类型,③判断设备事件发生,④识别事件,⑤推断用户行为 |
表3
威胁检测方案对比"
检测方案 | 面向威胁类型 | 主要技术原理 | 主要优点 | 主要缺点 | 文献 | 文献数量/篇 |
云平台恶意应用检测 | 云平台恶意应用 | 基于敏感信息的数据流追踪,语音黑盒测试 | 自动化、大规模检测,有效识别恶意应用 | 依赖平台特性 | 文献[ | 7 |
云平台实体和应用交互漏洞检测 | 云平台实体和应用交互漏洞 | 模型检测 | 识别实体交互复杂过程中的逻辑漏洞 | 需要人工分析,且对交互解析的方法存在局限性 | 文献[ | 6 |
基于静态分析的固件漏洞检测 | 设备固件漏洞、基于物联网设备的僵尸网络 | 符号执行,污点分析,二进制相似性比较 | 自动化检测固件漏洞 | 对编译优化和混淆敏感,固件难以获取和自动加载 | 文献[ | 8 |
基于动态分析的固件漏洞检测 | 设备固件漏洞、基于物联网设备的僵尸网络 | 基于 QEMU(quick Emulator)仿真,推断外设输入 | 动态调试、准确识别漏洞原因和位置 | 需要人工分析,面向有限固件类型,仿真效果受限 | 文献[ | 9 |
基于手机 App 的固件漏洞检测 | 设备固件漏洞 | 基于App的模糊测试,App代码相似性分析 | 不用分析设备和解析固件 | 需要设备拥有对应App,App 与设备较强的关联性 | 文献[ | 4 |
基于侧信道的设备异常检测 | 设备固件漏洞、基于物联网设备的僵尸网络 | 基于流量特征,基于物理特征,环境上下文特征 | 识别设备异常行为、非侵入式方案 | 容易受到信号强弱、协议类型和通信模式的影响,对设备环境有要求 | 文献[ | 8 |
表4
应用或服务交互漏洞检测方案对比"
文献 | 建模方式和检测方法 | 检测平台 | 检测效果 |
文献[ | 通过解析源代码得到多个应用状态转换模型组合,基于安全策略检测动作冲突 | SmartThings | 在28种SmartApp组合中识别出3种组合违背11项安全策略 |
文献[ | 通过代码插桩在运行过程中动态建立多个应用状态转换模型,基于安全策略检测动作冲突 | SmartThings、IFTTT | 在 16个 SmartApp和 9个 Applet的组合中识别出3种组合违背9项安全策略 |
文献[ | 基于自然语言处理建立自动执行规则之间的交互模型,基于SMT求解技术检测规则间漏洞 | IFTTT | 在31.5万个Applet应用中,根据安装数量组成可信的规则集,发现规则集中66%具有交互漏洞 |
文献[ | 通过解析应用源代码和文本描述,建立应用之间通过共同物理信道连接的动作模型,基于不同物理信道的风险值计算应用组合风险 | SmartThings | 在185个SmartApp中发现162种基于共同物理信道的隐式关联,其中37种关联可能产生安全隐患 |
表5
不同威胁防御方案对比"
防御方案 | 面向威胁类型 | 主要技术原理 | 主要优点 | 主要缺点 | 文献 | 文献数量/篇 |
细粒度的云平台访问控制 | 云平台访问控制缺陷 | 提升权限管理粒度 | 有效识别越权操作,弥补平台审核机制不足 | 依赖平台特性,需要用户参与 | 文献[ | 6 |
安全的通信协议 | 通信协议漏洞 | 增加内在安全机制,设计新型配对协议 | 增强协议机密性和完整性 | 安全配对协议需要感知装置支持,邻近设备不完全可信 | 文献[ | 8 |
流量特征隐藏 | 通信流量侧信道信息泄露 | 数据包封装,流量塑形 | 有效对抗侧信道信息泄露 | 增加通信时延和负载,增加流量噪声 | 文献[ | 6 |
基于可信计算的固件安全防护机制 | 设备固件漏洞、基于物联网设备的僵尸网络 | 程序组件权限和内存地址空间隔离,控制流完整性保护,远程认证 | 有效防御传统固件漏洞,大规模管理中有效发现异常设备,设备自组网络安全运行 | 性能和适用面需要进一步提升,细粒度的控制流认证影响系统实时性 | 文献[ | 8 |
语音攻击防御 | 基于语音信道的攻击 | 安全提示和语音确认,声纹识别,信号过滤 | 有效阻止藏匿的恶意语音命令 | 面临可用性和成本的额外开销 | 文献[ | 5 |
表6
固件安全防护机制对比"
文献 | 技术原理 | 主要特点 | 性能开销 |
文献[ | 组件权限和内存地址空间隔离 | 识别与分离特权指令,实现栈保护、代码和数据区域隔离,无法实现进程级别的代码隔离 | 平均增加1.8%执行时间和0.5%能耗 |
文献[ | 组件权限和内存地址空间隔离 | 基于 MPU 实现进程内存空间的隔离,但是划分进程内数据与代码区域的方法不灵活 | 最高可减少93%进程内存空间 |
文献[ | 组件权限和内存地址空间隔离 | 对固件执行单元进行更细粒度的权限划分,基于定制的安全策略对分离的组件灵活实施最小权限模型 | 最高引入13%的运行开销,比现有技术减少59%的Flash占用,减少84%的内存占用 |
文献[ | 控制流完整性保护 | 将函数的有效返回地址集合放到不可写的内存区域中,不需要特殊硬件模块支持 | 平均运行开销只有0.1%,内存开销可忽略,平均增加54.1%的Flash占用 |
文献[ | 控制流完整性保护 | 基于“影子栈”技术,配置内存保护单元来实施内存访问规则,确保程序返回到合法目标地址 | 平均增加1.3%和3.4%的性能开销,以及8.9%和2.3%的代码体积 |
[1] | ZHOU W , JIA Y , PENG A N ,et al. The effect of IoT new features on security and privacy:new threats,existing solutions,and challenges yet to be solved[J]. IEEE Internet of Things Journal, 2019,6(2): 1606-1616. |
[2] | ALRAWI O , LEVER C , ANTONAKAKIS M ,et al. SoK:security evaluation of home-based IoT deployments[C]// 2019 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2019: 1362-1380. |
[3] | ANTONAKAKIS M , APRIL T , BAILEY M ,et al. Understanding the Mirai botnet[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2017: 1093-1110. |
[4] | GUO Z , LIN Z , LI P ,et al. SkillExplorer:understanding the behavior of skills in large scale[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2020: 2649-2666. |
[5] | 张玉清, 周威, 彭安妮 . 物联网安全综述[J]. 计算机研究与发展, 2017,54(10): 2130-2143. |
ZHANG Y Q , ZHOU W , PENG A N . Survey of Internet of things security[J]. Journal of Computer Research and Development, 2017,54(10): 2130-2143. | |
[6] | 彭安妮, 周威, 贾岩 ,等. 物联网操作系统安全研究综述[J]. 通信学报, 2018,39(3): 22-34. |
PENG A N , ZHOU W , JIA Y ,et al. Survey of the Internet of things operating system security[J]. Journal on Communications, 2018,39(3): 22-34. | |
[7] | 王基策, 李意莲, 贾岩 ,等. 智能家居安全综述[J]. 计算机研究与发展, 2018,55(10): 2111-2124. |
WANG J C , LI Y L , JIA Y ,et al. Survey of smart home security[J]. Journal of Computer Research and Development, 2018,55(10): 2111-2124. | |
[8] | HE W , GOLLA M , PADHI R ,et al. Rethinking access control and authentication for the home Internet of things (IoT)[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2018: 255-272. |
[9] | FERNANDES E , JUNG J , PRAKASH A . Security analysis of emerging smart home applications[C]// 2016 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2016: 636-654. |
[10] | FERNANDES E , RAHMATI A , JUNG J ,et al. Decentralized action integrity for trigger-action IoT platforms[C]// Proceedings 2018 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2018: 1-16. |
[11] | YUAN B , JIA Y , XING L ,et al. Shattered chain of trust:understanding security risks in cross-cloud IoT access delegation[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2020: 1183-1200. |
[12] | CELIK Z B , BABUN L , SIKDER A K ,et al. Sensitive information tracking in commodity IoT[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2018: 1687-1704. |
[13] | CELIK Z B , MCDANIEL P , TAN G . Soteria:automated IoT safety and security analysis[C]// USENIX Annual Technical Conference. Berkeley:USENIX Association, 2018: 147-158. |
[14] | CELIK Z B , TAN G , MCDANIEL P . IoTGuard:dynamic enforcement of security and safety policy in commodity IoT[C]// Proceedings 2019 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2019: 1-15. |
[15] | BASTYS I , BALLIU M , SABELFELD A . If this then what?:controlling flows in IoT Apps[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2018: 1102-1119. |
[16] | ZHANG N , MI X H , FENG X ,et al. Dangerous skills:understanding and mitigating security risks of voice-controlled third-party functions on virtual personal assistant systems[C]// 2019 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2019: 1381-1396. |
[17] | KUMAR D , PACCAGNELLA R , MURLEY P ,et al. Skill squatting attacks on Amazon Alexa[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2018: 33-47. |
[18] | ZHOU W , JIA Y , YAO Y ,et al. Discovering and understanding the security hazards in the Interactions between IoT devices,mobile APPs,and clouds on smart home platforms[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2019: 1133-1150. |
[19] | CHEN J Y , ZUO C S , DIAO W R ,et al. Your IoTs are (not) mine:on the remote binding between IoT devices and users[C]// 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks. Piscataway:IEEE Press, 2019: 222-233. |
[20] | WANG Q , DATTA P , YANG W ,et al. Charting the attack surface of trigger-action IoT platforms[C]// Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2019: 1439-1453. |
[21] | JIA Y , XING L Y , MAO Y H ,et al. Burglars’ IoT paradise:understanding and mitigating security risks of general messaging protocols on IoT clouds[C]// 2020 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2020: 465-481. |
[22] | CAO X H , SHILA D M , CHENG Y ,et al. Ghost-in-ZigBee:energy depletion attack on ZigBee-based wireless networks[J]. IEEE Internet of Things Journal, 2016,3(5): 816-829. |
[23] | FAWAZ K , KIM K-H , SHIN K G . Protecting privacy of BLE device users[C]// SENIX Security Symposium. Berkeley:USENIX Association, 2016: 1205-1221. |
[24] | ANTONIOLI D , TIPPENHAUER N O , RASMUSSEN K . BIAS:bluetooth impersonation attacks[C]// 2020 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2020: 549-562. |
[25] | SETHI M , PELTONEN A , AURA T . Misbinding attacks on secure device pairing and bootstrapping[C]// Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security. New York:ACM Press, 2019: 453-464. |
[26] | OCONNOR T J , ENCK W , REAVES B . Blinded and confused:uncovering systemic flaws in device telemetry for smart-home Internet of things[C]// Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks. New York:ACM Press, 2019: 140-150. |
[27] | WEN H , CHEN Q A , LIN Z . Plug-N-Pwned:comprehensive vulnerability analysis of OBD-II dongles as a new over-the-air attack surface in automotive IoT[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2020: 949-965. |
[28] | ZHU Y Z , XIAO Z J , CHEN Y X ,et al. Et tu alexa? when commodity Wi-Fi devices turn into adversarial motion sensors[C]// Proceedings 2020 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2020: 1-15. |
[29] | LOPEZ-MARTIN M , CARRO B , SANCHEZ-ESGUEVILLAS A , ,et al. Network traffic classifier with convolutional and recurrent neural networks for Internet of things[J]. IEEE Access, 2017,5: 18042-18050. |
[30] | SIVANATHAN A , GHARAKHEILI H H , LOI F ,et al. Classifying IoT devices in smart environments using network traffic characteristics[J]. IEEE Transactions on Mobile Computing, 2019,18(8): 1745-1759. |
[31] | WOOD D , APTHORPE N , FEAMSTER N . Cleartext data transmissions in consumer IoT medical devices[C]// Proceedings of the 2017 Workshop on Internet of Things Security and Privacy. New York:ACM Press, 2017: 7-12. |
[32] | ACAR A , FEREIDOONI H , ABERA T ,et al. Peek-a-Boo:I see your smart home activities,even encrypted![C]// Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks. New York:ACM Press, 2020: 207-218. |
[33] | TRIMANANDA R , VARMARKEN J , MARKOPOULOU A ,et al. packet-level signatures for smart home devices[C]// Proceedings 2020 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2020: 1-18. |
[34] | CLEMENTS A A , ALMAKHDHUB N S , SAAB K S ,et al. Protecting bare-metal embedded systems with privilege overlays[C]// 2017 IEEE Symposium on Security and Privacy. IEEE Press, 2017: 289-303. |
[35] | PEWNY J , GARMANY B , GAWLIK R ,et al. Cross-architecture bug search in binary executables[C]// 2016 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2016: 709-724. |
[36] | QUARTA D , POGLIANI M , POLINO M ,et al. An experimental security analysis of an industrial robot controller[C]// 2017 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2017: 268-286. |
[37] | ALMAKHDHUB N S , CLEMENTS A A , BAGCHI S ,et al. μRAI:securing embedded systems with return address integrity[C]// Proceedings 2020 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2020: 1-18. |
[38] | ZHOU J , DU Y , SHEN Z ,et al. Silhouette:efficient protected shadow stacks for embedded systems[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2020: 1219-1236. |
[39] | REDINI N , MACHIRY A , WANG R ,et al. Karonte:detecting insecure multi-binary interactions in embedded firmware[C]// 2020 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2020: 1544-1561. |
[40] | YAO Y , ZHOU W , JIA Y ,et al. Identifying privilege separation vulnerabilities in IoT firmware with symbolic execution[C]// European Symposium on Research in Computer Security. Berlin:Springer, 2019: 638-657. |
[41] | MüLLER J , MLADENOV V , SOMOROVSKY J ,et al. SoK:exploiting network printers[C]// 2017 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2017: 213-230. |
[42] | CARLINI N , MISHRA P , VAIDYA T ,et al. Hidden voice commands[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2016: 513-530. |
[43] | ZHANG G M , YAN C , JI X Y ,et al. DolphinAttack:inaudible voice commands[C]// Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2017: 103-117. |
[44] | YUAN X , CHEN Y , ZHAO Y ,et al. Commandersong:a systematic approach for practical adversarial voice recognition[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2018: 49-64. |
[45] | YAN Q B , LIU K H , ZHOU Q ,et al. SurfingAttack:interactive hidden attack on voice assistants using ultrasonic guided waves[C]// Proceedings 2020 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2020: 1-18. |
[46] | ROY N , SHEN S , HASSANIEH H ,et al. Inaudible voice commands:the long-range attack and defense[C]// USENIX Symposium on Networked Systems Design and Implementation. Berkeley:USENIX Association, 2018: 547-560. |
[47] | CHEN T , SHANGGUAN L , LI Z J ,et al. Metamorph:injecting inaudible commands into over-the-air voice controlled systems[C]// Proceedings 2020 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2020: 1-17. |
[48] | GRIFFIOEN H , DOERR C . Examining mirai's battle over the Internet of Things[C]// Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2020. |
[49] | SOLTAN S , MITTAL P , POOR H V . BlackIoT:IoT botnet of high wattage devices can disrupt the power grid[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2018: 15-32. |
[50] | HUANG B , CARDENAS A A , BALDICK R . Not everything is dark and gloomy:power grid protections against IoT demand attacks[C]// Proceedings of the 28th USENIX Conference on Security Symposium. Berkeley:USENIX Association, 2019: 1115-1132. |
[51] | RONEN E , SHAMIR A , WEINGARTEN A O ,et al. IoT goes nuclear:creating a ZigBee chain reaction[C]// 2017 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2017: 195-212. |
[52] | WANG Q , HASSAN W U , BATES A ,et al. Fear and logging in the Internet of things[C]// Proceedings 2018 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2018: 1-16. |
[53] | SURBATOVICH M , ALJURAIDAN J , BAUER L ,et al. Some recipes can do more than spoil your appetite:analyzing the security and privacy risks of IFTTT recipes[C]// Proceedings of the 26th International Conference on World Wide Web. New York:ACM Press, 2017: 1501-1510. |
[54] | ZHANG Y Y , XU L , MENDOZA A ,et al. Life after speech recognition:fuzzing semantic misinterpretation for voice assistant applications[C]// Proceedings 2019 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2019: 1-15. |
[55] | DING W B , HU H X . On the safety of IoT device physical interaction control[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2018: 832-846. |
[56] | SUBRAMANYAN P , MALIK S , KHATTRI H ,et al. Verifying information flow properties of firmware using symbolic execution[C]// Proceedings of the 2016 Design,Automation & Test in Europe Conference & Exhibition. Piscataway:IEEE Press, 2016: 337-342. |
[57] | HERNANDEZ G , FOWZE F , TIAN D ,et al. Firmusb:vetting USB device firmware using domain informed symbolic execution[C]// Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2017: 2245-2262. |
[58] | CHENG K , LI Q , WANG L ,et al. DTaint:detecting the taint-style vulnerability in embedded device firmware[C]// 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks. Piscataway:IEEE Press, 2018: 430-441. |
[59] | ESCHWEILER S , YAKDAN K , GERHARDS-PADILLA E , . discovRE:efficient cross-architecture identification of bugs in binary code[C]// Proceedings 2016 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2016: 1-15. |
[60] | FENG Q , ZHOU R D , XU C C ,et al. Scalable graph-based bug search for firmware images[C]// Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2016: 480-491. |
[61] | CHEN D D , EGELE M , WOO M ,et al. Towards automated dynamic analysis for linux-based embedded firmware[C]// Proceedings 2016 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2016: 1-16. |
[62] | ZHENG Y , DAVANIAN A , YIN H ,et al. FIRM-AFL:high-throughput greybox fuzzing of IoT firmware via augmented process emulation[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2019: 1099-1114. |
[63] | ZHU L P , FU X T , YAO Y ,et al. FIoT:detecting the memory corruption in lightweight IoT device firmware[C]// 2019 18th IEEE International Conference On Trust,Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering. Piscataway:IEEE Press, 2019: 248-255. |
[64] | MUENCH M , STIJOHANN J , KARGL F ,et al. What you corrupt is not what you crash:challenges in fuzzing embedded devices[C]// Proceedings 2018 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2018: 1-15. |
[65] | CLEMENTS A A , GUSTAFSON E , SCHARNOWSKI T ,et al. HALucinator:firmware re-hosting through abstraction layer emulation[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2020: 1-18. |
[66] | FENG B , MERA A , LU L . P2IM:scalable and hardware-independent firmware testing via automatic peripheral interface modeling[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2020: 1237-1254. |
[67] | CAO C , GUAN L , MING J ,et al. Device-agnostic firmware execution is possible:a concolic execution approach for peripheral emulation[C]// Annual Computer Security Applications Conference. New York:ACM Press, 2020: 746-759. |
[68] | ZHOU W , GUAN L , LIU P ,et al. Automatic firmware emulation through invalidity-guided knowledge inference[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2021: 1-19. |
[69] | CHEN J Y , DIAO W R , ZHAO Q C ,et al. IoTFuzzer:discovering memory corruptions in IoT through app-based fuzzing[C]// Proceedings 2018 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2018: 1-15. |
[70] | NILO R , ANDREA C , DIPANJAN D ,et al. DIANE:identifying fuzzing triggers in Apps to generate under-constrained inputs for IoT devices[C]// 2021 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2021: 484-500. |
[71] | ZUO C S , WEN H H , LIN Z Q ,et al. Automatic fingerprinting of vulnerable BLE IoT devices with static UUIDs from mobile Apps[C]// Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2019: 1469-1483. |
[72] | WANG X , SUN Y , NANDA S ,et al. Looking from the mirror:evaluating IoT device security through mobile companion apps[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2019: 1151-1167. |
[73] | FENG X , LI Q , WANG H ,et al. Acquisitional rule-based engine for discovering internet-of-things devices[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2018: 327-341. |
[74] | YU L , LUO B , MA J ,et al. You are what you broadcast:identification of mobile and IoT devices from (Public) Wi-Fi[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2020: 55-72. |
[75] | ZHANG W , MENG Y , LIU Y G ,et al. HoMonit:monitoring smart home Apps from encrypted traffic[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2018: 1074-1088. |
[76] | CHO K-T , SHIN K G . Fingerprinting electronic control units for vehicle intrusion detection[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2016: 911-927. |
[77] | CHO K T , SHIN K G . Viden:attacker identification on in-vehicle networks[C]// Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2017: 1109-1123. |
[78] | CHOI H , LEE W C , AAFER Y ,et al. Detecting attacks against robotic vehicles:a control invariant approach[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2018: 801-816. |
[79] | BIRNBACH S , EBERZ S , MARTINOVIC I . Peeves:physical event verification in smart homes[C]// Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2019: 1455-1467. |
[80] | FENG C , PALLETI V R , MATHUR A ,et al. A systematic framework to generate invariants for anomaly detection in industrial control systems[C]// Proceedings 2019 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2019: 1-15. |
[81] | FERNANDES E , PAUPORE J , RAHMATI A ,et al. FlowFence:practical data protection for emerging IoT application frameworks[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2016: 531-548. |
[82] | WEN H H , LIN Z Q , ZHANG Y Q . FirmXRay:detecting bluetooth link layer vulnerabilities from bare-metal firmware[C]// Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2020: 167-180. |
[83] | JIA Y J , CHEN Q A , WANG S Q ,et al. ContexIoT:towards providing contextual integrity to appified IoT platforms[C]// Proceedings 2017 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2017: 1-15. |
[84] | TIAN Y , ZHANG N , LIN Y-H ,et al. SmartAuth:user-centered authorization for the internet of things[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2017: 361-378. |
[85] | DEMETRIOU S , ZHANG N , LEE Y ,et al. HanGuard:SDN-driven protection of smart home Wi-Fi devices from malicious mobile apps[C]// Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks. New York:ACM Press, 2017: 122-133. |
[86] | SCHUSTER R , SHMATIKOV V , TROMER E . Situational access control in the Internet of things[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2018: 1056-1073. |
[87] | ZENG E , ROESNER F . Understanding and improving security and privacy in multi-user smart homes:a design exploration and in-home user study[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2019: 159-176. |
[88] | WANG W C , CICALA F , HUSSAIN S R ,et al. Analyzing the attack landscape of Zigbee-enabled IoT systems and reinstating users' privacy[C]// Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks. New York:ACM Press, 2020: 133-143. |
[89] | ALSHAHRANI M , TRAORE I , WOUNGANG I . Anonymous mutual IoT interdevice authentication and key agreement scheme based on the ZigBee technique[J]. Internet of Things, 2019,7:100061. |
[90] | KUMAR S , HU Y , ANDERSEN M P ,et al. JEDI:many-to-many end-to-end encryption and key delegation for IoT[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2019: 1519-1536. |
[91] | XI W , QIAN C , HAN J S ,et al. Instant and robust authentication and key agreement among mobile devices[C]// Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2016: 616-627. |
[92] | HAN J , CHUNG A J , SINHA M K ,et al. Do you feel what I hear? Enabling autonomous IoT device pairing using different sensor types[C]// 2018 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2018: 836-852. |
[93] | JIN W Q , LI M , MURALI S ,et al. Harnessing the ambient radio frequency noise for wearable device pairing[C]// Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2020: 1135-1148. |
[94] | LI X P , ZENG Q , LUO L N ,et al. T2Pair:secure and usable pairing for heterogeneous IoT devices[C]// Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2020: 309-323. |
[95] | APTHORPE N , HUANG D Y , REISMAN D ,et al. Keeping the smart home private with smart(er) IoT traffic shaping[J]. Proceedings on Privacy Enhancing Technologies, 2019,2019(3): 128-148. |
[96] | OCONNOR T J , MOHAMED R , MIETTINEN M ,et al. HomeSnitch:behavior transparency and control for smart home IoT devices[C]// Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks. New York:ACM Press, 2019: 128-138. |
[97] | KIM C H , KIM T , CHOI H ,et al. Securing real-time microcontroller systems through customized memory view switching[C]// Proceedings 2018 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2018: 1-15. |
[98] | CLEMENTS A A , ALMAKHDHUB N S , BAGCHI S ,et al. ACES:automatic compartments for embedded systems[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2018: 65-82. |
[99] | ABERA T , ASOKAN N , DAVI L ,et al. C-FLAT:control-flow attestation for embedded systems software[C]// Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2016: 743-754. |
[100] | SUN Z C , FENG B , LU L ,et al. OAT:attesting operation integrity of embedded devices[C]// 2020 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2020: 1433-1449. |
[101] | ABERA T , BAHMANI R , BRASSER F ,et al. DIAT:data integrity attestation for resilient collaboration of autonomous systems[C]// Proceedings 2019 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2019: 1-15. |
[102] | MENG Y , WANG Z C , ZHANG W ,et al. WiVo:enhancing the security of voice control system via wireless signal in IoT environment[C]// Proceedings of the Eighteenth ACM International Symposium on Mobile Ad Hoc Networking and Computing. New York:ACM Press, 2018: 81-90. |
[103] | SHEZAN F H , CHENG K M , ZHANG Z ,et al. TKPERM:cross-platform permission knowledge transfer to detect overprivileged third-party applications[C]// Proceedings 2020 Network and Distributed System Security Symposium. Virginia:the Internet Society, 2020: 1-15. |
[104] | EMAMI-NAEINI P , AGARWAL Y , FAITH CRANOR L ,et al. Ask the experts:what should be on an IoT privacy and security label?[C]// 2020 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2020: 447-464. |
[105] | YU H , LIM J , KIM K ,et al. Pinto:enabling video privacy for commodity IoT cameras[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2018: 1089-1101. |
[106] | NASSI B , BEN-NETANEL R , SHAMIR A ,et al. Drones' cryptanalysis-smashing cryptography with a flicker[C]// 2019 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2019: 1397-1414. |
[107] | APTHORPE N J , VARGHESE S , FEAMSTER N . Evaluating the contextual integrity of privacy regulation:parents' IoT toy privacy norms versus COPPA[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2019: 123-140. |
[108] | JULIE H , YASEMIN A , SUSANNE F . “It's the company,the government,you and I”:user perceptions of responsibility for smart home privacy and security[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2021: 1-18. |
[109] | ZONG P , LV T , WANG D ,et al. FuzzGuard:filtering out unreachable inputs in directed grey-box fuzzing through deep learning[C]// USENIX Security Symposium. Berkeley:USENIX Association, 2020: 2255-2269. |
[110] | MANANDHAR S , MORAN K , KAFLE K ,et al. Towards a natural perspective of smart homes for practical security and safety analyses[C]// 2020 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2020: 482-499. |
[1] | 赵仕祺, 黄小红, 钟志港. 基于信誉的域间路由选择机制的研究与实现[J]. 通信学报, 2023, 44(6): 47-56. |
[2] | 金彪, 李逸康, 姚志强, 陈瑜霖, 熊金波. GenFedRL:面向深度强化学习智能体的通用联邦强化学习框架[J]. 通信学报, 2023, 44(6): 183-197. |
[3] | 刘盈泽, 郭渊博, 方晨, 李勇飞, 陈庆礼. 基于有限理性的网络防御策略智能规划方法[J]. 通信学报, 2023, 44(5): 52-63. |
[4] | 郑金志, 汲如意, 张立波, 赵琛. 基于Transformer解码的端到端场景文本检测与识别算法[J]. 通信学报, 2023, 44(5): 64-78. |
[5] | 李元诚, 秦永泰. 基于深度强化学习的软件定义安全中台QoS实时优化算法[J]. 通信学报, 2023, 44(5): 181-192. |
[6] | 周大成, 陈鸿昶, 何威振, 程国振, 扈红超. 基于深度强化学习的微服务多维动态防御策略研究[J]. 通信学报, 2023, 44(4): 50-63. |
[7] | 苏新, 张桂福, 行鸿彦, Zenghui Wang. 基于平衡生成对抗网络的海洋气象传感网入侵检测研究[J]. 通信学报, 2023, 44(4): 124-136. |
[8] | 陈晋音, 熊海洋, 马浩男, 郑雅羽. 基于对比学习的图神经网络后门攻击防御方法[J]. 通信学报, 2023, 44(4): 154-166. |
[9] | 谢人超, 文雯, 唐琴琴, 刘云龙, 谢高畅, 黄韬. 轨道交通移动边缘计算网络安全综述[J]. 通信学报, 2023, 44(4): 201-215. |
[10] | 罗智勇, 张玉, 王青, 宋伟伟. 基于贝叶斯攻击图的SDN入侵意图识别算法的研究[J]. 通信学报, 2023, 44(4): 216-225. |
[11] | 张进, 葛强, 徐伟海, 江逸茗, 马海龙, 于洪涛. 拟态路由器BGP代理的设计实现与形式化验证[J]. 通信学报, 2023, 44(3): 33-44. |
[12] | 余雪勇, 邱礼翔, 宋家宁, 朱洪波. 无人机辅助边缘计算中安全通信与能效优化策略[J]. 通信学报, 2023, 44(3): 45-54. |
[13] | 戴千一, 张斌, 郭松, 徐开勇. 基于多分类器集成的区块链网络层异常流量检测方法[J]. 通信学报, 2023, 44(3): 66-80. |
[14] | 徐明, 张保俊, 伍益明, 应晨铎, 郑宁. 面向网络攻击和隐私保护的多智能体系统分布式共识算法[J]. 通信学报, 2023, 44(3): 117-127. |
[15] | 张艳硕, 刘宁, 袁煜淇, 杨亚涛. 基于ISRSAC数字签名算法的适配器签名方案[J]. 通信学报, 2023, 44(3): 178-185. |
阅读次数 | ||||||
全文 |
|
|||||
摘要 |
|
|||||
|