Abstract
The growth of Internet-connected IoT devices brings many security issues, such as DDoS, weak password and embedded malware. The vulnerability analysis is a critical strategy to prevent security issues. Due to technical exclusivity of diverse manufacturers, their firmware is hard to patch timely and respectively. Therefore, the vulnerability of the device is closely related to the device firmware version. The identification of the firmware version is an essential prerequisite for protecting these devices from attack. With the increasing of IoT devices, device firmware identification is still a critical challenge. In this paper, we propose a new firmware identification method by analyzing webpages content directly based on a weak password. We extract the characteristics of the login page to identify the device type and brand, and then use classification and page segmentation to identify the model and firmware version of the device. We evaluated 74,307 devices to verify the effectiveness of our proposed method. Experimental results show that our method achieves an accuracy of 95.97%, superior to the other methods.
Highlights
With the deployment of 5G, the number of Internet of Things devices will increase significantly
We found that the vulnerabilities exploited by attackers are closely related to the device firmware version
Experimental results show that our method achieves 95.97% accuracy in device firmware identification, superior to other methods
Summary
With the deployment of 5G, the number of Internet of Things devices will increase significantly. We propose a new firmware identification method by directly analyzing the online web page of the IoT device instead of analyzing the firmware itself, which depends on the following facts: 1) The device’s web login page has distinct information to determine the type and brand of the device. D. Yu et al.: Large-Scale IoT Devices Firmware Identification Based on Weak Password login pages of different types and brands have obvious visual differences. Base on above fact 3), we further use weak passwords to assist in obtaining firmware version through analyzing the content of the web page. We utilize the webpage segmentation method to filter out redundant webpage blocks, accurately locate the main content block containing the firmware information and utilize regular expressions to extract the device type and firmware version. The rest of the paper is organized as follows: Section II describes the preliminaries for firmware identification; Section III describes the overall framework and detailed algorithm of the method; Section IV describes the experimental evaluation of the method; Section V outlines the related work; Section VI describes the conclusions and future work
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
