|
|
Vulnerabilities in IoT devices, backends, applications, and components |
|---|---|
| Author: | Kaksonen, Rauli1; Halunen, Kimmo1; Röning, Juha1 |
| Organizations: |
1University of Oulu, Oulu, Finland |
| Format: | article |
| Version: | published version |
| Access: | open |
| Online Access: | PDF Full Text (PDF, 0.3 MB) |
| Persistent link: | http://urn.fi/urn:nbn:fi-fe20230905119463 |
| Language: | English |
| Published: |
Scitepress,
2023
|
| Publish Date: | 2023-09-05 |
| Description: |
AbstractThe Internet of Things (IoT) is the ecosystem of networked devices encountered in both work and home. IoT security is a great concern and vulnerabilities are reported daily. IoT is mixed into other digital infrastructure both in terms of sharing the same networks and using the same software components. In this paper, we analyze Common Vulnerabilities and Exposures (CVE) entries, including known exploited vulnerabilities, to describe the vulnerabilities in the IoT context. The results indicate that 88% of reported vulnerabilities are relevant to IoT systems. Half of the vulnerabilities are in the backend or frontend systems while 10‐20% concern the IoT devices. HTTP servers are the vulnerability hotspots wherever they are located. Software components are used in all IoT subsystems and tracking and updating them is essential for system security. The results can be used to understand where and what kind of vulnerabilities are in IoT systems. see all
|
| Series: |
ICISSP |
| ISSN: | 2184-4356 |
| ISSN-E: | 2184-4356 |
| ISSN-L: | 2184-4356 |
| ISBN: | 978-989-758-624-8 |
| Pages: | 659 - 668 |
| DOI: | 10.5220/0011784400003405 |
| OADOI: | https://oadoi.org/10.5220/0011784400003405 |
| Host publication: |
Proceedings of the 9th International Conference on Information Systems Security and Privacy |
| Conference: |
International Conference on Information Systems Security and Privacy |
| Type of Publication: |
A4 Article in conference proceedings |
| Field of Science: |
213 Electronic, automation and communications engineering, electronics |
| Subjects: | |
| Funding: |
This work is supported by Finnish Scientific Advisory Board for Defence (MATINE/2500M-0152). |
| Copyright information: |
© 2023 by SCITEPRESS – Science and Technology Publications, Lda. Under CC license (CC BY-NC-ND 4.0). |
|
https://creativecommons.org/licenses/by-nc-nd/4.0/ |