Workshop: IoT Hub Exploitation and Countermeasure

With the advent of IoT, called as Internet of Things, our daily life is being convenient more than ever. IoT market today grow continuously. To manage a plethora of IoT devices at once, it is changing to the way to control all IoT devices easily and conveniently, rather than operating IoT devices independently. Since the IoT Hub can control the connected IoT devices, it is at high risk for serious damage such as malicious control by an attacker, privacy invasion, leakage of personal information in case of security breaches.

We will present the overall process of exploitation in IoT hub from acquiring root shells to analyzing the multiple IoT Hub firmware for showing how we derive the vulnerabilities. We made a data flow diagram(DFD) through the network packet analysis, firmware analysis, security threats we defined, and vulnerabilities. Subsequently, we also discuss the vulnerabilities found in recently commercialized IoT Hub, and introduce the critical threats that could be derived from the vulnerabilities.

Finally, we will show our countermeasures about the IoT Hub vulnerability we found. By doing so, we will contribute improvement of the security of IoT Network and smart home with the awareness of the threats of IoT Hub.