TY - GEN
T1 - Extended functionality attacks on IoT devices
T2 - 1st IEEE European Symposium on Security and Privacy, EURO S and P 2016
AU - Ronen, Eyal
AU - Shamir, Adi
N1 - Publisher Copyright: © 2016 IEEE.
PY - 2016/5/9
Y1 - 2016/5/9
N2 - In this paper we consider the security aspects of Internet of Things (IoT) devices, which bridge the physical and virtual worlds. We propose a new taxonomy of attacks, which classifies them into four broad categories. The most interesting category (which we call functionality extension attacks) uses the designed functionality of the IoT device to achieve a totally different effect. To demonstrate this type of attack, we consider the case of smart lights (whose original functionality is just to control the color and intensity of the lights in a particular room) and show how to use them to achieve unrelated effects. In the first attack, we use smart lights as a covert LIFI communication system to exfiltrate data from a highly secure (or even fully airgapped) office building. We implemented the attack and were able to read the leaked data from a distance of over 100 meters using only cheap and readily available equipment. In another attack, we showed that an attacker can strobe the lights at a frequency which may trigger seizures in people suffering from photosensitive epilepsy (in the same way that rapidly flashing video games can cause such seizures). In our experiments, we have tested both high-end and lower-end smart light systems, ranging from an expensive Philips HUE system to a cheap system manufactured by LimitlessLED. In addition, we consider other weaknesses of the systems we tested, and propose feasible remedies for the problems we found.
AB - In this paper we consider the security aspects of Internet of Things (IoT) devices, which bridge the physical and virtual worlds. We propose a new taxonomy of attacks, which classifies them into four broad categories. The most interesting category (which we call functionality extension attacks) uses the designed functionality of the IoT device to achieve a totally different effect. To demonstrate this type of attack, we consider the case of smart lights (whose original functionality is just to control the color and intensity of the lights in a particular room) and show how to use them to achieve unrelated effects. In the first attack, we use smart lights as a covert LIFI communication system to exfiltrate data from a highly secure (or even fully airgapped) office building. We implemented the attack and were able to read the leaked data from a distance of over 100 meters using only cheap and readily available equipment. In another attack, we showed that an attacker can strobe the lights at a frequency which may trigger seizures in people suffering from photosensitive epilepsy (in the same way that rapidly flashing video games can cause such seizures). In our experiments, we have tested both high-end and lower-end smart light systems, ranging from an expensive Philips HUE system to a cheap system manufactured by LimitlessLED. In addition, we consider other weaknesses of the systems we tested, and propose feasible remedies for the problems we found.
UR - http://www.scopus.com/inward/record.url?scp=84978032627&partnerID=8YFLogxK
U2 - https://doi.org/10.1109/EuroSP.2016.13
DO - https://doi.org/10.1109/EuroSP.2016.13
M3 - منشور من مؤتمر
T3 - Proceedings - 2016 IEEE European Symposium on Security and Privacy, EURO S and P 2016
SP - 3
EP - 12
BT - Proceedings - 2016 IEEE European Symposium on Security and Privacy, EURO S and P 2016
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 21 March 2016 through 24 March 2016
ER -