Smart city is a multi-disciplinary, multi-field, highly integrated large-scale system. One of the core components of the intelligent system of smart city is the Internet of Things (IoT), which drives the technologies that enable the perception of, as well as interaction and coordination with the physical world by the digital...
Tag: IoT Security
Annual IoT Security Report 2019-18
Introduction IoT devices are faced with a great security challenge and their security appears particularly important. On one hand, though IoT devices have had a long existence, legacy IoT devices and their application protocols contain a variety of vulnerabilities due to the ill-conceived security design. On the other hand, as...
Annual IoT Security Report 2019-17
Malicious Behaviors Targeting UPnP Vulnerabilities We captured four kinds of UPnP exploits 1, as shown in Table 4-7. Apparently, all the exploits targeted remote command execution vulnerabilities. Besides, we found that when a vulnerability is found on a specific port, attackers usually directly hit this port by skipping the UPnP...
Annual IoT Security Report 2019-16
The following sections analyze threats from the port mapping service based on UPnP port mapping tables collected from network-wide devices. Overview In the 2018 Annual IoT Security Report , we focused our attention on four types of malicious port mappings that had the most distinctive characteristics and the most extensive...
Annual IoT Security Report 2019-15
In the 2018 Annual IoT Security Report, we analyzed threats against UPnP and you can refer to the report for basics of UPnP. In this report, we updated UPnP-related data and added new findings. Viewpoint 6: Approximately 2.28 million IoT devices around the world had the UPnP/SSDP service (port 1900)...
Annual IoT Security Report 2019-14
This section analyzes WS-Discovery reflection attacks. For details about the WS-Discovery service, see section 1.6 WS-Discovery First Found to Be Abused for DDoS Reflection Attacks. (mais…)
