Internet of Things (IoT) devices have rooted themselves in the everyday life of billions of people. While they automate and simplify many aspects of the users' lives, the widespread usage of IoT devices constitutes a security concern for our modern society. Aside from the privacy and safety implications of having a smart door lock that could succumb to an Internet-based attack, or a smoke detector that an assailant could disable by connecting to it from a compromised light bulb, vulnerabilities in these devices have wider implications. Recent large-scale attacks have shown that the sheer number of Internet-connected IoT devices poses a severe threat to the Internet infrastructure. The most prominent example is represented by the Mirai botnet that, in 2016, compromised millions of devices and leveraged them in denial-of-service attacks to disrupt core Internet services and shut down websites.

For these reasons, it is of crucial importance to assess the security of IoT devices. Analyzing and securing IoT devices present different and specific challenges than analyzing and securing traditional desktop computers. The main reason is that IoT devices are manufactured by a plethora of different vendors, which often use vendor-specific hardware and software (or firmware) for their products. Given the heterogeneity and widespread usage of IoT devices, we need novel, automated, and scalable solutions able to improve the security of these devices.

During my Ph.D., I approached the problem of securing IoT devices from different angles and using different strategies, which I present in detail in this dissertation. First, I introduce the IoT landscape, with particular attention to the peculiarities that characterize embedded firmware. Then, I present in detail my work that advances the state of the art of firmware security. In particular, I present (i) BootStomp, a novel tool to find bugs in bootloaders for embedded devices, (ii) Karonte, a novel static analysis approach to track data flows across the different components of a firmware sample to precisely uncover security vulnerabilities, (iii) Bintrimmer, a tool that relies on a novel abstract domain (called Signedness-Agnostic Strided Interval) to perform code debloating on binaries, thus decreasing the attack surface that could be used by an attacker to harm end-users, and, finally, (iv) DiAne, a novel approach to fuzz IoT devices that leverages the logic of the device's companion app (i.e., the application commonly used to interact with IoT devices). I evaluate the performance of the proposed approaches and show that the developed tools are effective in improving the security of firmware for IoT devices.
Index Terms
- Analyzing and Securing Firmware for IoT Devices