Related papers: On Manually Reverse Engineering Communication Prot…
Reverse engineering of a communications network is the process of identifying the communications protocol used in the network. This problem arises in various situations such as eavesdropping, intelligent jamming, cognitive radio, and…
The Internet of Things (IoT) is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics) and network communications in order to collect and exchange data. IoT smart…
Bluetooth is one of the most established technologies for short range digital wireless data transmission. With the advent of wearables and the Internet of Things (IoT), Bluetooth has again gained importance, which makes security research…
Since hardware oftentimes serves as the root of trust in our modern interconnected world, malicious hardware manipulations constitute a ubiquitous threat in the context of the Internet of Things (IoT). Hardware reverse engineering is a…
In various scenarios, achieving security between IoT devices is challenging since the devices may have different dedicated communication standards, resource constraints as well as various applications. In this article, we first provide…
Recent high-profile attacks on the Internet of Things (IoT) have brought to the forefront the vulnerability of "smart" devices, and have resulted in numerous IoT-focused security analyses. Many of the attacks had weak device configuration…
With the development of Internet of Things (IoT), it is gaining a lot of attention. It is important to secure the embedded systems with low overhead. The Linux Seccomp is widely used by developers to secure the kernels by blocking the…
The proliferation of Internet of Things (IoT) devices has introduced significant security challenges, primarily due to the opacity of firmware components and the complexity of supply chain dependencies. IoT firmware frequently relies on…
Embedded devices are specialised devices designed for one or only a few purposes. They are often part of a larger system, through wired or wireless connection. Those embedded devices that are connected to other computers or embedded systems…
Existing countermeasures for hardware IP protection, such as obfuscation, camouflaging, and redaction, aim to defend against confidentiality and integrity attacks. However, within the current threat model, these techniques overlook the…
Low-cost Internet of Things (IoT) devices are increasingly popular but often insecure due to poor update regimes. As a result, many devices run outdated and known-vulnerable versions of open-source software. We address this problem by…
Nowadays, IoT devices have been widely deployed for enabling various smart services, such as, smart home or e-healthcare. However, security remains as one of the paramount concern as many IoT devices are vulnerable. Moreover, IoT malware…
Firmware refers to device read-only resident code which includes microcode and macro-instruction -level routines. For Internet-of-Things (IoT) devices without an operating system, firmware includes all the necessary instructions on how such…
Proliferation of IoT devices in society demands a renewed focus on securing the use and maintenance of such systems. IoT-based systems will have a great impact on society and therefore such systems must have guaranteed resilience. We…
With the proliferation of Internet of Things (IoT) devices, ensuring secure communications has become imperative. Due to their low cost and embedded nature, many of these devices operate with computational and energy constraints, neglecting…
Protocol reverse engineering stands as the cutting-edge approach in security research. This paper presents a framework capable of reverse engineering the communications within a mobile communication system. Our focus is on systems released…
Cybercriminals use Return Oriented Programming techniques to attack systems and IoT devices. While defenses have been developed, not all of them are applicable to constrained devices. We present Shakedown, which is a compile-time…
Embedded real-time devices for monitoring, controlling, and collaboration purposes in cyber-physical systems are now commonly equipped with IP networking capabilities. However, the reception and processing of IP packets generates workloads…
This is a comment on "RIO: Return Instruction Obfuscation for Bare-Metal IoT Devices with Binary Analysis". RIO prevents finding gadgets for Return-Oriented Programming attacks by encrypting return instructions. This paper shows flaws in…
As IoT systems are given more responsibility and autonomy, they offer greater benefits, but also carry greater risks. We believe this trend invigorates an old challenge of software engineering: how to develop high-risk software-intensive…