Título
Fuzzing the Internet of Things: A Review on the Techniques and Challenges for Efficient Vulnerability Discovery in Embedded SystemsAutor-a
Otras instituciones
IkerlanVersión
Postprint
Derechos
© 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.Acceso
Acceso abiertoVersión del editor
https://doi.org/10.1109/JIOT.2021.3056179Publicado en
IEEE Internet of Things Journal. Early AccessEditor
IEEEPalabras clave
Embedded Systems
fuzzing
IoT
software testing ... [+]
fuzzing
IoT
software testing ... [+]
Embedded Systems
fuzzing
IoT
software testing
vulnerabilities [-]
fuzzing
IoT
software testing
vulnerabilities [-]
Resumen
With a growing number of embedded devices that create, transform and send data autonomously at its core, the Internet-of-Things (IoT) is a reality in different sectors such as manufacturing, healthcar ... [+]
With a growing number of embedded devices that create, transform and send data autonomously at its core, the Internet-of-Things (IoT) is a reality in different sectors such as manufacturing, healthcare or transportation. With this expansion, the IoT is becoming more present in critical environments, where security is paramount. Infamous attacks such as Mirai have shown the insecurity of the devices that power the IoT, as well as the potential of such large-scale attacks. Therefore, it is important to secure these embedded systems that form the backbone of the IoT. However, the particular nature of these devices and their resource constraints mean that the most cost-effective manner of securing these devices is to secure them before they are deployed, by minimizing the number of vulnerabilities they ship. To this end, fuzzing has proved itself as a valuable technique for automated vulnerability finding, where specially crafted inputs are fed to programs in order to trigger vulnerabilities and crash the system. In this survey, we link the world of embedded IoT devices and fuzzing. For this end, we list the particularities of the embedded world as far as security is concerned, we perform a literature review on fuzzing techniques
and proposals, studying their applicability to embedded IoT devices and, finally, we present future research directions by pointing out the gaps identified in the review. [-]
Sponsorship
Gobierno VascoID Proyecto
GV/Elkartek 2019/KK-2019-00072/CAPV/Segurtasun Integrala Industria Adimentsurako/SENDAIColecciones
- Artículos - Ingeniería [684]
El ítem tiene asociados los siguientes ficheros de licencia: