Detecting compromised IoT devices: Existing techniques, challenges, and a way forward

Bibliographic Details
Published in Computers & security Vol. 132; p. 103384
Main Authors Makhdoom, Imran, Abolhasan, Mehran, Franklin, Daniel, Lipman, Justin, Zimmermann, Christian, Piccardi, Massimo, Shariati, Negin
Format Journal Article
Language English
Published Elsevier Ltd 01.09.2023
Summary: IoT devices, whether connected to the Internet or operating in a private network, are vulnerable to cyber attacks from external or internal attackers or insiders who may succeed in physically compromising an IoT device. Once compromised, the IoT device can join a botnet to participate in large-scale distributed attacks (potentially recruiting additional nodes), exfiltrating confidential data or injecting false data into critical data sets, corrupting subsequent data analytics. Although various device attestation techniques are available to detect malicious IoT devices, these methods do not fully address all aspects of a potentially compromised node. This study explores current state-of-the-art approaches for detecting a malicious/compromised node in the network, highlights related challenges, and proposes a way forward for developing secure and economical attestation protocols.
ISSN: 0167-4048, 1872-6208
DOI: 10.1016/j.cose.2023.103384