Abstract
The security of wireless routers receives much attention given by the increasing security threats. In the era of Internet of Things, many devices pose security vulnerabilities, and there is a significant need to analyze the current security status of devices. In this paper, we develop WNV-Detector, a universal and scalable framework for detecting wireless network vulnerabilities. Based on semantic analysis and named entities recognition, we design rules for automatic device identification of wireless access points and routers. The rules are automatically generated based on the information extracted from the admin webpages, and can be updated with a semi-automated method. To detect the security status of devices, WNV-Detector aims to extract the critical identity information and retrieve known vulnerabilities. In the evaluation, we collect information through web crawlers and build a comprehensive vulnerability database. We also build a prototype system based on WNV-Detector and evaluate it with routers from various vendors on the market. Our results indicate that the effectiveness of our WNV-Detector, i.e., the success rate of vulnerability detection could achieve 95.5%.
Highlights
In recent years, Internet of Things (IoT) technology develops in a rapid manner
1.1 Examples of scenarios Based on the requirements of precise and accurate device identification, and due to the wide variety of IoT devices and different protocols in use, this paper mainly focuses on the wireless router, which is an essential entrance of the IoT
4.5.5 Scalability Our WNV-Detector proposed in this paper aims to identify vulnerabilities at wireless Access point (AP) and routers, while with a unified device management website, it can be extended to other IoT devices, such as gateways, smart cameras and speakers
Summary
Internet of Things (IoT) technology develops in a rapid manner. The traditional industrial IoT is widely used in energy, manufacturing, transportation, etc. A large number of sensors are connected to each other to effectively manage and maintain information, and improve the efficiency of industrial production [1,2,3]. As IoT gradually enters every household, a variety of smart home products bring convenience to our lives, and cause more security problems. In the year of 2016, the Mirai botnet infected a large number of embedded and IoT devices, launched several large-scale distributed denial of service attacks, and overwhelmed several high-profile targets [4]. In 2019, the Kr00k vulnerability [5] was widely found in Wi-Fi chips used in wireless access points, routers and terminal equipment, which affected more than one billion Wi-Fi devices
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
