Internet of things

Full list of my blog posts, publications and talks in category Internet of things.
Filter by
blurry image for loading
blurry image for loading
network security
Inside Mirai the infamous IoT Botnet: A Retrospective Analysis
Inside Mirai the infamous IoT Botnet: A Retrospective Analysis
Blog post Dec 2017
This post provides a retrospective analysis of Mirai — the infamous Internet-of-Things botnet that took down major websites via massive distributed denial-of-service using hundreds of thousands of compromised Internet-Of-Things devices.
blurry image for loading
blurry image for loading
network security
Understanding the Mirai Botnet
Understanding the Mirai Botnet
Publication Usenix Security 2017
In this paper, we provide a seven-month retrospective analysis of Mirai’s growth to a peak of 600k infections and a history of its DDoS victims.
blurry image for loading
blurry image for loading
web security
Towards secure embedded web interfaces
Towards secure embedded web interfaces
Publication Usenix Security 2011
WebDroid the first framework specifically dedicated to build secure embedded WebApp. This framework is build on the insights we gleaned from the security analysis of 30 embedded devices web interfaces for which we found over than 50 vulnerabilities.
blurry image for loading
blurry image for loading
web security
The emergence of cross channel scripting
The emergence of cross channel scripting
Publication CACM 2010
We reveal a series of attacks against embedded devices based on a new type of vulnerability that we call cross channel scripting (XCS). XCS is a sophisticated form of cross site scripting (XSS) in which the attack injection and execution are carried out via different protocols.
blurry image for loading
blurry image for loading
web security
Xcs cross channel scripting and its impact on web applications
Xcs cross channel scripting and its impact on web applications
Publication CCS 2009
We reveal a series of attacks against embedded devices based on a new type of vulnerability that we call cross channel scripting (XCS). XCS is a sophisticated form of cross site scripting (XSS) in which the attack injection and execution are carried out via different protocols.
blurry image for loading
blurry image for loading
hacking
Embedded management interfaces emerging massive insecurity
Embedded management interfaces emerging massive insecurity
Talk Black Hat 2009
In this talk, we will cover the attack surface of embedded management interfaces and pinpoint which parts of them are the most likely to be vulnerable, based on our evaluation of more than a dozen device models from different categories.
--
Get cutting edge research directly in your inbox.