DISSECTING- INTERNET OF THINGS Avinash Sinha
A new era of the Internet of Things has begun, waiting to be dissected by attackers and hackers. Let's get to
know IoT better and stay a step ahead of attackers.
Internet of Things (IoT) is the network of physical objects, devices, vehicles, buildings and other items
which are embedded with electronics, software, sensors, and network connectivity, which enables these
objects to collect and exchange data. Internet of Things allows objects to be sensed and controlled
remotely across existing network infrastructure, creating opportunities for more-direct integration
between the physical world and computer-based systems, resulting in improved efficiency, accuracy and
economic benefit; when IoT is augmented with sensors and actuators, the technology becomes an
instance of the more general class of cyber-physical systems, which also encompasses technologies such
as smart grids, smart homes, intelligent transportation and smart cities. Each thing is uniquely
identifiable through its embedded computing system but is able to interoperate within the existing
Internet infrastructure.
As the popularity of IoT devices grows, so do their vulnerabilities. According to a study conducted by HP,
90% of devices collected at least one piece of personal information via the device, the cloud, or its
mobile application, and six out of 10 devices that provide user interfaces were vulnerable to a range of
issues such as persistent XSS, unencrypted connections and weak credentials.
Consider a home automation system controlled by a mobile application built on the
Android or iOS platform using angular.js, which is the case for many of these devices: each of them has
more than 10-15 different vulnerabilities.
As we can observe from the above threat modeling diagram of a simple home automation system, a total
of 22 vulnerabilities need to be evaluated. OWASP has grouped these vulnerabilities into the
following OWASP Top 10 IoT categories:
Rank Title
1 Insecure Web Interface
2 Insufficient Authentication/Authorization
3 Insecure Network Services
4 Lack of Transport Encryption
5 Privacy Concerns
6 Insecure Cloud Interface
7 Insecure Mobile Interface
8 Insufficient Security Configurability
9 Insecure Software/Firmware
10 Poor Physical Security
Now it all depends on an attacker whether he thinks your home is actually a smart home.
Most of the vulnerabilities in IoT devices are very basic but still give you the ability to own an entire
database of PSI (Personal Sensitive Information) and BSI (Business Sensitive Information). Let's take the
above home automation system as an example. Most such systems use Amazon or Azure cloud web services for
communication from the mobile app to their servers. If you are intercepting the traffic between the mobile
app and the device via web services, it is very easy to observe a lot of things. Try to get information from
the AWS token, JWT token, or any other tokens: most of them carry information in Base64
encoding, which can be easily decoded online using https://jwt.io/ to give the result in a readable
format.
It is important to note that business logic vulnerabilities are more prominent than technical
ones when it comes to IoT. Most IoT devices communicate using a device ID number, or an ID tied
to a username, due to which it becomes very easy to gather a lot of information by just running a script
containing numbers (sequential/random) to gather PSI or BSI related to a device. Most devices will
also have CSRF or session-related issues if not properly configured.
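
Both points above meet on the server: token contents are only encoded, and a device ID on its own must not grant access. The following is an added example, not code from the original article: a Python sketch that shows the claims of a constructed HS256 JWT are readable without any key, then verifies the signature and allows a device read only when the verified subject owns that device. The key, the device-to-owner table and all function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"           # assumption: server-side HS256 key
OWNERS = {"1001": "alice", "1002": "bob"}  # assumption: device id -> owning user

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str) -> bytes:
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue_token(claims: dict) -> str:
    """Build a constructed HS256 JWT so the example runs offline."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps(claims).encode())
    return f"{header}.{payload}.{b64url(_sign(f'{header}.{payload}'))}"

def read_claims_without_key(token: str) -> dict:
    """What anyone holding the token can read: Base64url is not encryption."""
    return json.loads(b64url_decode(token.split(".")[1]))

def verified_claims(token: str):
    """Return the claims only if the header says HS256 and the signature matches."""
    try:
        header, payload, sig = token.split(".")
        if json.loads(b64url_decode(header)).get("alg") != "HS256":
            return None
        if not hmac.compare_digest(_sign(f"{header}.{payload}"), b64url_decode(sig)):
            return None
        return json.loads(b64url_decode(payload))
    except (ValueError, TypeError, AttributeError):
        return None  # malformed token: treat as unauthenticated

def can_read_device(token: str, device_id: str) -> bool:
    """Allow access only when the verified subject owns the requested device."""
    claims = verified_claims(token)
    owner = OWNERS.get(device_id)
    return claims is not None and owner is not None and owner == claims.get("sub")

if __name__ == "__main__":
    tok = issue_token({"sub": "alice", "email": "alice@example.test"})
    print(read_claims_without_key(tok))  # claims visible with no key at all
    print(can_read_device(tok, "1001"), can_read_device(tok, "1002"))
```

Because the ownership check runs on the verified subject, a request for another user's device ID is refused however the ID was obtained, and anything placed in the token payload should be treated as visible to whoever holds the token.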
Coming to the network part of IoT devices, needless to say IoT devices run with very low power, and the
communication between IoT devices can happen over a wide variety of communication protocols.
The most common and popular communication mediums include the following:
1. Zigbee
2. Bluetooth
3. Z-Wave
4. Wi-Fi
5. NFC
6. Neul
7. BLE
Some of the most commonly used tools include:
1. Hardware Security Module (HSM) - a security-based hardware device which generates, stores
and protects cryptographic keys.
2. Bus Pirate - an open source sniffer which supports various hardware protocols like I2C, SPI,
JTAG, 1-Wire, etc.
3. GoodFET - an open source tool for interfacing with and hacking chips and target devices.
4. Various commercial sniffers (e.g. Beagle) which support dissecting lower
level protocols.
5. Logic Analyzer - concurrent capturing, visualizing and decoding of large quantities of digital data.
6. Protocol Analyzer - a real-time, non-intrusive device for monitoring, capturing and decoding
wired communication.
7. Spectrum Analyzer - visualizing the RF or radio spectrum.
8. Burp - for intercepting traffic between mobile and device.
9. Codenomicon/Achilles - for fuzzing protocols.
10. IDA Pro/Fortify/Klocwork - reverse engineering and firmware analysis.
With the rise of new protocols, the attack surface has also increased, as these
communication mediums also pose a risk to IoT devices. There is more to IoT devices than you can
think. You can pass various sorts of commands to these devices to make them crash or to cause a DoS (Denial
of Service) attack.
IoT devices have started to make our lives easier in terms of getting things done at a lower cost. However,
in terms of privacy invasion it is going to be the next big thing, considering the number of vulnerabilities
currently being found in IoT devices. It is also estimated that by 2019 a total of 15 million devices would
be in use by users, consumers, industry and, needless to say, by hackers as well.
About the Author:
Avinash Sinha is a Security Consultant with 5.5 years of experience, currently working with Aujas.
Previously he worked with IBM India Pvt Ltd as an Application Security Consultant. His key areas of
interest include vulnerability assessments, secure code review, security research, web/mobile
penetration testing, SCADA/ICS, and network infrastructure protection.
