Security analysis and exploitation of arduino devices in the internet of things

UCC | UCC Library | IRIS

→
College of Science, Engineering and Food Science
→
Computer Science
→
Computer Science - Conference Items
→
View Item

dc.contributor.author	Alberca, Carlos
dc.contributor.author	Pastrana, Sergio
dc.contributor.author	Suarez-Tangil, Guillermo
dc.contributor.author	Palmieri, Paolo
dc.date.accessioned	2017-09-22T15:44:56Z
dc.date.available	2017-09-22T15:44:56Z
dc.date.issued	2016-05
dc.identifier.citation	Alberca, C., Pastrana, S., Suarez-Tangil, G. and Palmieri, P. 'Security analysis and exploitation of arduino devices in the internet of things', Proceedings of the ACM International Conference on Computing Frontiers, Como, Italy. 2911708: ACM, 437-442. doi:10.1145/2903150.2911708	en
dc.identifier.startpage	437	en
dc.identifier.endpage	442	en
dc.identifier.isbn	978-1-4503-4128-8
dc.identifier.uri	http://hdl.handle.net/10468/4778
dc.identifier.doi	10.1145/2903150.2911708
dc.description.abstract	The pervasive presence of interconnected objects enables new communication paradigms where devices can easily reach each other while interacting within their environment. The so-called Internet of Things (IoT) represents the integration of several computing and communications systems aiming at facilitating the interaction between these devices. Arduino is one of the most popular platforms used to prototype new IoT devices due to its open, flexible and easy-to-use architecture. Ardunio Yun is a dual board microcontroller that supports a Linux distribution and it is currently one of the most versatile and powerful Arduino systems. This feature positions Arduino Yun as a popular platform for developers, but it also introduces unique infection vectors from the security viewpoint. In this work, we present a security analysis of Arduino Yun. We show that Arduino Yun is vulnerable to a number of attacks and we implement a proof of concept capable of exploiting some of them.	en
dc.description.sponsorship	Ministerio de Economía y Competitividad, Spain (MINECO Grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You)); Consejería de Educación, Juventud y Deporte, Comunidad de Madrid (CAM Grant S2013/ICE- 3095 (CIBERDINE))	en
dc.format.mimetype	application/pdf	en
dc.language.iso	en	en
dc.publisher	Association for Computing Machinery (ACM)	en
dc.relation.ispartof	ACM International Conference on Computing Frontiers, CF'16, Como, Italy, May 16-19, 2016, Proceedings
dc.relation.uri	https://dl.acm.org/citation.cfm?id=2911708
dc.rights	© 2016 ACM. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in CF '16 Proceedings of the ACM International Conference on Computing Frontiers, http://doi.org/10.1145/2903150.2911708	en
dc.subject	Internet of Things (IoT)	en
dc.subject	Communication paradigm	en
dc.subject	Communications systems	en
dc.subject	Linux distributions	en
dc.subject	Popular platform	en
dc.subject	Proof of concept	en
dc.subject	Security analysis	en
dc.subject	Computer operating systems	en
dc.subject	Internet	en
dc.subject	Security systems	en
dc.title	Security analysis and exploitation of arduino devices in the internet of things	en
dc.type	Conference item	en
dc.internal.authorcontactother	Paolo Palmieri, Computer Science, University College Cork, Cork, Ireland. +353-21-490-3000 Email: paolo.palmieri@ucc.ie	en
dc.internal.availability	Full text available	en
dc.date.updated	2017-09-20T15:23:48Z
dc.description.version	Accepted Version	en
dc.internal.rssid	411793269
dc.contributor.funder	Ministerio de Economía y Competitividad	en
dc.contributor.funder	Consejería de Educación, Juventud y Deporte, Comunidad de Madrid	en
dc.description.status	Peer reviewed	en
dc.identifier.journaltitle	Proceedings of the ACM International Conference on Computing Frontiers, Com	en
dc.internal.copyrightchecked	Yes	en
dc.internal.licenseacceptance	Yes	en
dc.internal.conferencelocation	Como, Italy	en
dc.internal.IRISemailaddress	paolo.palmieri@ucc.ie	en