DeepAI
Log In Sign Up

A Measurement Study on the (In)security of End-of-Life (EoL) Embedded Devices

05/29/2021
by   Dingding Wang, et al.
0

Embedded devices are becoming popular. Meanwhile, researchers are actively working on improving the security of embedded devices. However, previous work ignores the insecurity caused by a special category of devices, i.e., the End-of-Life (EoL in short) devices. Once a product becomes End-of-Life, vendors tend to no longer maintain its firmware or software, including providing bug fixes and security patches. This makes EoL devices susceptible to attacks. For instance, a report showed that an EoL model with thousands of active devices was exploited to redirect web traffic for malicious purposes. In this paper, we conduct the first measurement study to shed light on the (in)security of EoL devices. To this end, our study performs two types of analysis, including the aliveness analysis and the vulnerability analysis. The first one aims to detect the scale of EoL devices that are still alive. The second one is to evaluate the vulnerabilities existing in (active) EoL devices. We have applied our approach to a large number of EoL models from three vendors (i.e., D-Link, Tp-Link, and Netgear) and detect the alive devices in a time period of ten months. Our study reveals some worrisome facts that were unknown by the community. For instance, there exist more than 2 million active EoL devices. Nearly 300,000 of them are still alive even after five years since they became EoL. Although vendors may release security patches after the EoL date, however, the process is ad hoc and incomplete. As a result, more than 1 million active EoL devices are vulnerable, and nearly half of them are threatened by high-risk vulnerabilities. Attackers can achieve a minimum of 2.79 Tbps DDoS attack by compromising a large number of active EoL devices. We believe these facts pose a clear call for more attention to deal with the security issues of EoL devices.

READ FULL TEXT
12/11/2022

Understanding Concurrency Vulnerabilities in Linux Kernel

While there is a large body of work on analyzing concurrency related sof...
12/03/2020

Can I Take Your Subdomain? Exploring Related-Domain Attacks in the Modern Web

Related-domain attackers control a sibling domain of their target web ap...
07/28/2020

Coding Practices and Recommendations of Spring Security for Enterprise Applications

Spring security is tremendously popular among practitioners for its ease...
08/21/2020

One Exploit to Rule them All? On the Security of Drop-in Replacement and Counterfeit Microcontrollers

With the increasing complexity of embedded systems, the firmware has bec...
03/14/2022

Building Embedded Systems Like It's 1996

Embedded devices are ubiquitous. However, preliminary evidence shows tha...