Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols

Tagliaro, Carlotta; Komsic, Martina; Continella, Andrea; Borgolte, Kevin; Lindorfer, Martina

doi:10.1145/3678890.3678899

DC Field

Value

Language

dc.contributor.author

Tagliaro, Carlotta

dc.contributor.author

Komsic, Martina

dc.contributor.author

Continella, Andrea

dc.contributor.author

Borgolte, Kevin

dc.contributor.author

Lindorfer, Martina

dc.date.accessioned

2024-10-30T10:52:37Z

dc.date.available

2024-10-30T10:52:37Z

dc.date.issued

2024

dc.identifier.citation

<div class="csl-bib-body"> <div class="csl-entry">Tagliaro, C., Komsic, M., Continella, A., Borgolte, K., & Lindorfer, M. (2024). Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols. In <i>RAID ’24: Proceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses</i> (pp. 561–578). https://doi.org/10.1145/3678890.3678899</div> </div>

dc.identifier.uri

http://hdl.handle.net/20.500.12708/203812

dc.description.abstract

Internet-of-Things (IoT) devices, ranging from smart home assistants to health devices, are pervasive: Forecasts estimate their number to reach 29 billion by 2030. Understanding the security of their machine-to-machine communication is crucial. Prior work focused on identifying devices’ vulnerabilities or proposed protocol-specific solutions. Instead, we investigate the security of backends speaking IoT protocols, that is, the backbone of the IoT ecosystem. We focus on three real-world protocols for our large-scale analysis: MQTT, CoAP, and XMPP. We gather a dataset of over 337,000 backends, augment it with geographical and provider data, and perform non-invasive active measurements to investigate three major security threats: information leakage, weak authentication, and denial of service. Our results provide quantitative evidence of a problematic immaturity in the IoT ecosystem. Among other issues, we find that 9.44% backends expose information, 30.38% CoAP-speaking backends are vulnerable to denial of service attacks, and 99.84% of MQTT- and XMPP-speaking backends use insecure transport protocols (only 0.16% adopt TLS, of which 70.93% adopt a vulnerable version).

dc.description.sponsorship

WWTF Wiener Wissenschafts-, Forschu und Technologiefonds

dc.language.iso

dc.rights.uri

http://creativecommons.org/licenses/by/4.0/

dc.subject

Internet of Things (IoT)

dc.subject

Backend Security

dc.subject

Large-scale Measurements

dc.subject

Message Queue Telemetry Transport (MQTT)

dc.subject

Constrained Application Protocol (CoAP)

dc.subject

Extensible Messaging and Presence Protocol (XMPP)

dc.subject

Network Security

dc.subject

Information Leakage

dc.subject

Denial of Service

dc.subject

Weak Authentication

dc.title

Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols

dc.type

Inproceedings

dc.type

Konferenzbeitrag

dc.rights.license

Creative Commons Namensnennung 4.0 International

dc.rights.license

Creative Commons Attribution 4.0 International

dc.contributor.affiliation

TU Wien, Austria

dc.relation.isbn

9798400709593

dc.description.startpage

561

dc.description.endpage

578

dc.relation.grantno

ICT19-056

dc.rights.holder

dc.type.category

Full-Paper Contribution

tuw.booktitle

RAID '24: Proceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses

tuw.peerreviewed

true

tuw.project.title

IoTIO: Analyse des Internet der Unsicheren Dinge

tuw.researchTopic.id

tuw.researchTopic.name

Information Systems Engineering

tuw.researchTopic.value

100

tuw.publication.orgunit

E192-06 - Forschungsbereich Security and Privacy

tuw.publisher.doi

10.1145/3678890.3678899

dc.identifier.libraryid

AC17346639

dc.description.numberOfPages

tuw.author.orcid

0009-0003-0095-4525

tuw.author.orcid

0009-0004-0464-8522

tuw.author.orcid

0000-0001-7427-7852

tuw.author.orcid

0000-0001-7001-4481

dc.rights.identifier

CC BY 4.0

dc.rights.identifier

CC BY 4.0

tuw.event.name

27th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2024)

tuw.event.startdate

30-09-2024

tuw.event.enddate

02-10-2024

tuw.event.online

On Site

tuw.event.type

Event for scientific audience

tuw.event.place

Padua

tuw.event.country

tuw.event.presenter

Tagliaro, Carlotta

tuw.event.track

Single Track

wb.sciencebranch

Informatik

wb.sciencebranch.oefos

1020

wb.sciencebranch.value

100

item.openairetype

conference paper

item.openaccessfulltext

Open Access

item.grantfulltext

mixedopen

item.mimetype

application/pdf

item.openairecristype

http://purl.org/coar/resource_type/c_5794

item.fulltext

with Fulltext

item.cerifentitytype

Publications

item.languageiso639-1

crisitem.author.dept

E192-06 - Forschungsbereich Security and Privacy

crisitem.author.dept

TU Wien, Austria

crisitem.author.dept

E192-06 - Forschungsbereich Security and Privacy

crisitem.author.orcid

0009-0003-0095-4525

crisitem.author.orcid

0009-0004-0464-8522

crisitem.author.orcid

0000-0001-7427-7852

crisitem.author.orcid

0000-0001-7001-4481

crisitem.author.parentorg

E192 - Institut für Logic and Computation

crisitem.author.parentorg

E192 - Institut für Logic and Computation

crisitem.project.funder

WWTF Wiener Wissenschafts-, Forschu und Technologiefonds

crisitem.project.grantno

ICT19-056

Appears in Collections:

Conference Paper

Fulltext (Version of Record (published version))

Adobe PDF

(1.01 MB)

CC BY 4.0

Show simple item record

Page view(s)

checked on Oct 30, 2024

Download(s)

checked on Oct 30, 2024

Google Scholar^TM

Check

Page view(s)

Download(s)

Google ScholarTM

Google Scholar^TM