TY - GEN
T1 - Web-based attacks to discover and control local IoT devices
AU - Acar, Gunes
AU - Huang, Danny Yuxing
AU - Li, Frank
AU - Narayanan, Arvind
AU - Feamster, Nick
N1 - Publisher Copyright:
© 2018 Association for Computing Machinery.
PY - 2018/8/7
Y1 - 2018/8/7
N2 - In this paper, we present two web-based attacks against local IoT devices that any malicious web page or third-party script can perform, even when the devices are behind NATs. In our attack scenario, a victim visits the attacker's website, which contains a malicious script that communicates with IoT devices on the local network that have open HTTP servers. We show how the malicious script can circumvent the same-origin policy by exploiting error messages on the HTML5 MediaError interface or by carrying out DNS rebinding attacks. We demonstrate that the attacker can gather sensitive information from the devices (e.g., unique device identifiers and precise geolocation), track and profile the owners to serve ads, or control the devices by playing arbitrary videos and rebooting. We propose potential countermeasures to our attacks that users, browsers, DNS providers, and IoT vendors can implement.
AB - In this paper, we present two web-based attacks against local IoT devices that any malicious web page or third-party script can perform, even when the devices are behind NATs. In our attack scenario, a victim visits the attacker's website, which contains a malicious script that communicates with IoT devices on the local network that have open HTTP servers. We show how the malicious script can circumvent the same-origin policy by exploiting error messages on the HTML5 MediaError interface or by carrying out DNS rebinding attacks. We demonstrate that the attacker can gather sensitive information from the devices (e.g., unique device identifiers and precise geolocation), track and profile the owners to serve ads, or control the devices by playing arbitrary videos and rebooting. We propose potential countermeasures to our attacks that users, browsers, DNS providers, and IoT vendors can implement.
KW - DNS rebinding
KW - Internet of Things
KW - JavaScript
KW - Privacy
UR - http://www.scopus.com/inward/record.url?scp=85056535118&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85056535118&partnerID=8YFLogxK
U2 - 10.1145/3229565.3229568
DO - 10.1145/3229565.3229568
M3 - Conference contribution
AN - SCOPUS:85056535118
T3 - IoT S and P 2018 - Proceedings of the 2018 Workshop on IoT Security and Privacy, Part of SIGCOMM 2018
SP - 29
EP - 35
BT - IoT S and P 2018 - Proceedings of the 2018 Workshop on IoT Security and Privacy, Part of SIGCOMM 2018
PB - Association for Computing Machinery, Inc
T2 - 2nd ACM SIGCOMM Workshop on the Internet-of-Things Security and Privacy, IoT S and P 2018
Y2 - 20 August 2018
ER -