• English
  • Deutsch
  • Log In
    Password Login
    Research Outputs
    Fundings & Projects
    Researchers
    Institutes
    Statistics
Repository logo
Fraunhofer-Gesellschaft
  1. Home
  2. Fraunhofer-Gesellschaft
  3. Konferenzschrift
  4. Securing the IoT. Utilizing conformance tessuites for fuzzing
 
  • Details
  • Full
Options
2019
Conference Paper
Title

Securing the IoT. Utilizing conformance tessuites for fuzzing

Abstract
IoT devices are widely used in almost all vertical domains like homes, factories or as wearables on the body. This diversity is reflected in a variety of implementations which creates challenges for security testing due to the lag of applicability of out-of-the-box security testing solutions, like existing in other areas. We're introducing a security testing suite that is capable of providing security tests. Our security test suite is part of the Eclipse IoT-Testware project. It is capable of creating fuzz test cases from conformance test suites for devices automatically, regardless of the used protocols. Eclipse IoT-Testware reads into the communication between two devices, generates a model of the used protocol and generates fuzz data using the generation library Fuzzino. This solution has found vulnerabilities in ITS devices and flaws in devices using COAP and MQTT.
Author(s)
Knoblauch, Dorian  
Fraunhofer-Institut für Offene Kommunikationssysteme FOKUS  
Hackel, Sascha  
Fraunhofer-Institut für Offene Kommunikationssysteme FOKUS  
Mainwork
Embedded World Conference 2019. DVD-ROM  
Project(s)
IoT-T
Funder
Bundesministerium für Wirtschaft und Energie BMWi (Deutschland)  
Conference
Embedded World Exhibition and Conference 2019  
DOI
10.24406/publica-fhg-406137
File(s)
N-572061.pdf (466.14 KB)
Rights
Under Copyright
Language
English
Fraunhofer-Institut für Offene Kommunikationssysteme FOKUS  
Keyword(s)
  • IoT

  • security

  • fuzzing

  • testing conformance

  • negative testing

  • TTCN-3

  • Cookie settings
  • Imprint
  • Privacy policy
  • Api
  • Contact
© 2024