Related papers: IoTFuzzSentry: A Protocol Guided Mutation Based Fuzzer for Automatic Vulnerability Testing in Commercial IoT Devices

IoTFuzzSentry: A Protocol Guided Mutation Based Fuzzer for Automatic Vulnerability Testing in Commercial IoT Devices

URL: http://arxiv.org/abs/2509.09158v1
Date: Thu, 11 Sep 2025 05:40:18 GMT
Title: IoTFuzzSentry: A Protocol Guided Mutation Based Fuzzer for Automatic Vulnerability Testing in Commercial IoT Devices
Authors: Priyanka Rushikesh Chaudhary, Rajib Ranjan Maiti,
Abstract summary: We present a mutation-based fuzzing tool, named IoTFuzzSentry, to identify specific non-trivial vulnerabilities in commercial IoT devices.<n>We show how these vulnerabilities can be exploited in real-world scenarios.<n>We have responsibly disclosed all these vulnerabilities to the respective vendors.
Score: 1.5970777144214099
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Protocol fuzzing is a scalable and cost-effective technique for identifying security vulnerabilities in deployed Internet of Things devices. During their operational phase, IoT devices often run lightweight servers to handle user interactions, such as video streaming or image capture in smart cameras. Implementation flaws in transport or application-layer security mechanisms can expose IoT devices to a range of threats, including unauthorized access and data leakage. This paper addresses the challenge of uncovering such vulnerabilities by leveraging protocol fuzzing techniques that inject crafted transport and application-layer packets into IoT communications. We present a mutation-based fuzzing tool, named IoTFuzzSentry, to identify specific non-trivial vulnerabilities in commercial IoT devices. We further demonstrate how these vulnerabilities can be exploited in real-world scenarios. We integrated our fuzzing tool into a well-known testing tool Cotopaxi and evaluated it with commercial-off-the-shelf IoT devices such as IP cameras and Smart Plug. Our evaluation revealed vulnerabilities categorized into 4 types (IoT Access Credential Leakage, Sneak IoT Live Video Stream, Creep IoT Live Image, IoT Command Injection) and we show their exploits using three IoT devices. We have responsibly disclosed all these vulnerabilities to the respective vendors. So far, we have published two CVEs, CVE-2024-41623 and CVE-2024-42531, and one is awaiting. To extend the applicability, we have investigated the traffic of six additional IoT devices and our analysis shows that these devices can have similar vulnerabilities, due to the presence of a similar set of application protocols. We believe that IoTFuzzSentry has the potential to discover unconventional security threats and allow IoT vendors to strengthen the security of their commercialized IoT devices automatically with negligible overhead.

Related papers

Intelligent Detection of Non-Essential IoT Traffic on the Home Gateway [45.70482328441101]
This work presents ML-IoTrim, a system for detecting and mitigating non-essential IoT traffic by analyzing network behavior at the edge.<n>We test our framework in a consumer smart home setup with IoT devices from five categories, demonstrating that the model can accurately identify and block non-essential traffic.<n>This research advances privacy-aware traffic control in smart homes, paving the way for future developments in IoT device privacy.
arXiv Detail & Related papers (2025-04-22T09:40:05Z)
Is Your Kettle Smarter Than a Hacker? A Scalable Tool for Assessing Replay Attack Vulnerabilities on Consumer IoT Devices [1.5612101323427952]
ENISA and NIST security guidelines emphasize the importance of enabling default local communication for safety and reliability. We propose a tool, named REPLIOT, able to test whether a replay attack is successful or not, without prior knowledge of the target devices. We find that 75% of the remaining devices are vulnerable to replay attacks with REPLIOT having a detection accuracy of 0.98-1.
arXiv Detail & Related papers (2024-01-22T18:24:41Z)
Classification of cyber attacks on IoT and ubiquitous computing devices [49.1574468325115]
This paper provides a classification of IoT malware. Major targets and used exploits for attacks are identified and referred to the specific malware. The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures.
arXiv Detail & Related papers (2023-12-01T16:10:43Z)
IoTScent: Enhancing Forensic Capabilities in Internet of Things Gateways [45.44831696628473]
This paper presents IoTScent, an open-source forensic tool that enables IoT gateways and Home Automation platforms to perform IoT traffic capture and analysis. IoTScent is specifically designed to operate over IEEE5.4-based traffic, which is the basis for many IoT-specific protocols such as Zigbee, 6LoWPAN and Thread. This work provides a comprehensive description of the IoTScent tool, including a practical use case that demonstrates the use of the tool to perform device identification from Zigbee traffic.
arXiv Detail & Related papers (2023-10-05T09:10:05Z)
SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices [67.65883495888258]
We present SyzTrust, the first state-aware fuzzing framework for vetting the security of resource-limited Trusted OSes. SyzTrust adopts a hardware-assisted framework to enable fuzzing Trusted OSes directly on IoT devices. We evaluate SyzTrust on Trusted OSes from three major vendors: Samsung, Tsinglink Cloud, and Ali Cloud.
arXiv Detail & Related papers (2023-09-26T08:11:38Z)
Caveat (IoT) Emptor: Towards Transparency of IoT Device Presence (Full Version) [12.842258850026878]
Hidden IoT devices can snoop (via sensing) on nearby unsuspecting users, and impact the environment where unaware users are present, via actuation. This paper constructs a privacy-agileuation RootofTrust architecture for devices, called PAISA. It guarantees timely and secure announcements about IoT devices' presence and their capabilities.
arXiv Detail & Related papers (2023-09-07T09:08:31Z)
IoT Device Identification Based on Network Communication Analysis Using Deep Learning [43.0717346071013]
The risk of attacks on an organization's network has increased due to the growing use of less secure IoT devices. To tackle this threat and protect their networks, organizations generally implement security policies in which only white listed IoT devices are allowed on the network. In this research, deep learning is applied to network communication for the automated identification of IoT devices permitted on the network.
arXiv Detail & Related papers (2023-03-02T13:44:58Z)
Zero-Bias Deep Learning for Accurate Identification of Internet of Things (IoT) Devices [20.449229983283736]
We propose an enhanced deep learning framework for IoT device identification using physical layer signals. We have evaluated the effectiveness of the proposed framework using real data from ADS-B (Automatic Dependent Surveillance-Broadcast), an application of IoT in aviation.
arXiv Detail & Related papers (2020-08-27T20:50:48Z)
IoT Device Identification Using Deep Learning [43.0717346071013]
The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers. The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization's network also increases the risk of attacks. In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network.
arXiv Detail & Related papers (2020-02-25T12:24:49Z)
IoT Behavioral Monitoring via Network Traffic Analysis [0.45687771576879593]
This thesis is the culmination of our efforts to develop techniques to profile the network behavioral pattern of IoTs. We develop a robust machine learning-based inference engine trained with attributes from traffic patterns. We demonstrate real-time classification of 28 IoT devices with over 99% accuracy.
arXiv Detail & Related papers (2020-01-28T23:13:12Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.