Cargando…
Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk
We present our results to identify and assess IoT devices on a large-scale and heterogeneous network. This work shows that IoT devices endanger networks significantly. With our NetScanIoT software, a total of 19 categories of IoT devices were detected successfully. After identifying these devices wi...
| Autores principales: | , , |
|---|---|
| Lenguaje: | eng |
| Publicado: |
2019
|
| Materias: | |
| Acceso en línea: | http://cds.cern.ch/record/2724107 |
| _version_ | 1780965967472361472 |
|---|---|
| author | Agarwal, Sharad Lueders, Stefan Oser, Pascal |
| author_facet | Agarwal, Sharad Lueders, Stefan Oser, Pascal |
| author_sort | Agarwal, Sharad |
| collection | CERN |
| description | We present our results to identify and assess IoT devices on a large-scale and heterogeneous network. This work shows that IoT devices endanger networks significantly. With our NetScanIoT software, a total of 19 categories of IoT devices were detected successfully. After identifying these devices with WID, we performed a manual vulnerability assessment on them. This assessment showed that IoT manufacturers did not secure their devices and, moreover, on certain devices did not allow the user to change the credentials at all. The Web-IoT detection tool was able to identify 11 out of 19 categories of IoT devices consisting of 42 various models, manufactured by 26 different vendors. We also identified the corresponding manufacturer and firmware version for these 42 device models which can be used later on for risk identification, associated with these firmware versions. |
| id | cern-2724107 |
| institution | Organización Europea para la Investigación Nuclear |
| language | eng |
| publishDate | 2019 |
| record_format | invenio |
| spelling | cern-27241072020-07-17T20:12:34Zhttp://cds.cern.ch/record/2724107engAgarwal, SharadLueders, StefanOser, PascalDetecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk7th Control System Cyber-Security Workshop (CS)2/HEPTalkWe present our results to identify and assess IoT devices on a large-scale and heterogeneous network. This work shows that IoT devices endanger networks significantly. With our NetScanIoT software, a total of 19 categories of IoT devices were detected successfully. After identifying these devices with WID, we performed a manual vulnerability assessment on them. This assessment showed that IoT manufacturers did not secure their devices and, moreover, on certain devices did not allow the user to change the credentials at all. The Web-IoT detection tool was able to identify 11 out of 19 categories of IoT devices consisting of 42 various models, manufactured by 26 different vendors. We also identified the corresponding manufacturer and firmware version for these 42 device models which can be used later on for risk identification, associated with these firmware versions.IT-TALK-2019-003oai:cds.cern.ch:27241072019 |
| spellingShingle | Talk Agarwal, Sharad Lueders, Stefan Oser, Pascal Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk |
| title | Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk |
| title_full | Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk |
| title_fullStr | Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk |
| title_full_unstemmed | Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk |
| title_short | Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk |
| title_sort | detecting iot devices and how they put large heterogeneous networks at security risk |
| topic | Talk |
| url | http://cds.cern.ch/record/2724107 |
| work_keys_str_mv | AT agarwalsharad detectingiotdevicesandhowtheyputlargeheterogeneousnetworksatsecurityrisk AT luedersstefan detectingiotdevicesandhowtheyputlargeheterogeneousnetworksatsecurityrisk AT oserpascal detectingiotdevicesandhowtheyputlargeheterogeneousnetworksatsecurityrisk AT agarwalsharad 7thcontrolsystemcybersecurityworkshopcs2hep AT luedersstefan 7thcontrolsystemcybersecurityworkshopcs2hep AT oserpascal 7thcontrolsystemcybersecurityworkshopcs2hep |