TY - GEN
T1 - Behind the Scenes
T2 - 23rd ACM Internet Measurement Conference, IMC 2023
AU - Dong, Hongying
AU - Shu, Hao
AU - Prakash, Vijay
AU - Zhang, Yizhe
AU - Paracha, Muhammad Talha
AU - Choffnes, David
AU - Torres-Arias, Santiago
AU - Huang, Danny Yuxing
AU - Sun, Yixin
N1 - Publisher Copyright: © 2023 Owner/Author.
PY - 2023/10/24
Y1 - 2023/10/24
N2 - IoT devices are increasingly used in consumer homes. Despite recent works in characterizing IoT TLS usage for a limited number of in-lab devices, there exists a gap in quantitatively understanding TLS behaviors from devices in the wild and server-side certificate management. To bridge this knowledge gap, we conduct a new measurement study by focusing on the practice of device vendors, through a crowdsourced dataset of network traffic from 2,014 real-world IoT devices across 721 global users. By quantifying the sharing of TLS fingerprints across vendors and across devices, we uncover the prevalent use of customized TLS libraries (i.e., not matched to any known TLS libraries) and potential security concerns resulting from co-located TLS stacks of different services. Furthermore, we present the first known study on server-side certificate management for servers contacted by IoT devices. Our study highlights potential concerns in the TLS/PKI practice by IoT device vendors. We aim to raise visibility for these issues and motivate vendors to improve security practice.
KW - internet of things
KW - iot
KW - measurements
KW - network security
KW - pki
KW - public key infrastructure
KW - tls
KW - transport layer security
UR - http://www.scopus.com/inward/record.url?scp=85177614415&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85177614415&partnerID=8YFLogxK
U2 - 10.1145/3618257.3624815
DO - 10.1145/3618257.3624815
M3 - Conference contribution
AN - SCOPUS:85177614415
T3 - Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC
SP - 457
EP - 477
BT - IMC 2023 - Proceedings of the 2023 ACM on Internet Measurement Conference
PB - Association for Computing Machinery
Y2 - 24 October 2023 through 26 October 2023
ER -