From e1b70883ef660473a7664f3e0776daf506a58db2 Mon Sep 17 00:00:00 2001 From: Sharad Agarwal Date: Tue, 5 May 2020 16:51:40 +0200 Subject: [PATCH 1/6] added research paper --- readme.md | 1 + 1 file changed, 1 insertion(+) diff --git a/readme.md b/readme.md index 5859f36..65e4783 100644 --- a/readme.md +++ b/readme.md @@ -143,6 +143,7 @@ Software tools for analyzing embedded/IoT devices and firmware. +- 2019, Agarwal et al: [Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk. Sensors 2019, 19, 4107.](https://www.mdpi.com/1424-8220/19/19/4107) - 2019, Almakhdhub et al: [BenchIoT: A Security Benchmark for the Internet of Things](https://nebelwelt.net/publications/files/19DSN.pdf) - 2019, Alrawi et al: [SoK: Security Evaluation of Home-Based IoT Deployments](https://alrawi.github.io/static/papers/alrawi_sok_sp19.pdf) - 2019, Abbasi et al: [Challenges in Designing Exploit Mitigations for Deeply Embedded Systems](https://ieeexplore.ieee.org/abstract/document/8806725) From 2b4e48f052c41dacf274e6a651d345e3fe748f16 Mon Sep 17 00:00:00 2001 From: Sharad Agarwal Date: Tue, 5 May 2020 16:59:06 +0200 Subject: [PATCH 2/6] Added new case study --- readme.md | 1 + 1 file changed, 1 insertion(+) diff --git a/readme.md b/readme.md index 65e4783..3174468 100644 --- a/readme.md +++ b/readme.md @@ -166,6 +166,7 @@ Software tools for analyzing embedded/IoT devices and firmware. +- [IoT Security@CERN](https://doi.org/10.5281/zenodo.1035034) https://zenodo.org/badge/DOI/10.5281/zenodo.1035034.svg - [Binary Hardening in IoT products](https://cyber-itl.org/2019/08/26/iot-data-writeup.html) - [Cracking Linksys “Encryption”](http://www.devttys0.com/2014/02/cracking-linksys-crypto/) - [Deadly Sins Of Development](https://youtu.be/nXyglaY9N9w) - Conference talk presenting several real world examples on real bad implementations :tv:. From 693bab5fbb911411b832a5333ff33097c40e2a8b Mon Sep 17 00:00:00 2001 From: Sharad Agarwal Date: Tue, 5 May 2020 17:00:27 +0200 Subject: [PATCH 3/6] updated the doi --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index 3174468..17ffd34 100644 --- a/readme.md +++ b/readme.md @@ -166,7 +166,7 @@ Software tools for analyzing embedded/IoT devices and firmware. -- [IoT Security@CERN](https://doi.org/10.5281/zenodo.1035034) https://zenodo.org/badge/DOI/10.5281/zenodo.1035034.svg +- [IoT Security@CERN](https://doi.org/10.5281/zenodo.1035034) [(https://zenodo.org/badge/DOI/10.5281/zenodo.1035034.svg)] - [Binary Hardening in IoT products](https://cyber-itl.org/2019/08/26/iot-data-writeup.html) - [Cracking Linksys “Encryption”](http://www.devttys0.com/2014/02/cracking-linksys-crypto/) - [Deadly Sins Of Development](https://youtu.be/nXyglaY9N9w) - Conference talk presenting several real world examples on real bad implementations :tv:. From 4f8a9c767ee14e94eb1f841b37e4c359992c8c58 Mon Sep 17 00:00:00 2001 From: Sharad Agarwal Date: Tue, 5 May 2020 17:01:38 +0200 Subject: [PATCH 4/6] updated markdown for doi --- readme.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/readme.md b/readme.md index 17ffd34..c578818 100644 --- a/readme.md +++ b/readme.md @@ -166,7 +166,8 @@ Software tools for analyzing embedded/IoT devices and firmware. -- [IoT Security@CERN](https://doi.org/10.5281/zenodo.1035034) [(https://zenodo.org/badge/DOI/10.5281/zenodo.1035034.svg)] + +- [IoT Security@CERN](https://doi.org/10.5281/zenodo.1035034) [![DOI(https://zenodo.org/badge/DOI/10.5281/zenodo.1035034.svg)](https://doi.org/10.5281/zenodo.1035034) - [Binary Hardening in IoT products](https://cyber-itl.org/2019/08/26/iot-data-writeup.html) - [Cracking Linksys “Encryption”](http://www.devttys0.com/2014/02/cracking-linksys-crypto/) - [Deadly Sins Of Development](https://youtu.be/nXyglaY9N9w) - Conference talk presenting several real world examples on real bad implementations :tv:. From 1eb6aa77ac4bb2ac499f17238db5efd00a9ba8c6 Mon Sep 17 00:00:00 2001 From: Sharad Agarwal Date: Tue, 5 May 2020 17:02:37 +0200 Subject: [PATCH 5/6] missing ] --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index c578818..410a4ce 100644 --- a/readme.md +++ b/readme.md @@ -167,7 +167,7 @@ Software tools for analyzing embedded/IoT devices and firmware. -- [IoT Security@CERN](https://doi.org/10.5281/zenodo.1035034) [![DOI(https://zenodo.org/badge/DOI/10.5281/zenodo.1035034.svg)](https://doi.org/10.5281/zenodo.1035034) +- [IoT Security@CERN](https://doi.org/10.5281/zenodo.1035034) [![DOI](https://zenodo.org/badge/DOI/10.5281/zenodo.1035034.svg)](https://doi.org/10.5281/zenodo.1035034) - [Binary Hardening in IoT products](https://cyber-itl.org/2019/08/26/iot-data-writeup.html) - [Cracking Linksys “Encryption”](http://www.devttys0.com/2014/02/cracking-linksys-crypto/) - [Deadly Sins Of Development](https://youtu.be/nXyglaY9N9w) - Conference talk presenting several real world examples on real bad implementations :tv:. From 07155b5bbb8e4f5ee964843eaec178ee79c2e86c Mon Sep 17 00:00:00 2001 From: Sharad Agarwal Date: Wed, 6 May 2020 11:49:17 +0200 Subject: [PATCH 6/6] changes to format of the new case study --- readme.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/readme.md b/readme.md index 410a4ce..2b5b366 100644 --- a/readme.md +++ b/readme.md @@ -143,7 +143,7 @@ Software tools for analyzing embedded/IoT devices and firmware. -- 2019, Agarwal et al: [Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk. Sensors 2019, 19, 4107.](https://www.mdpi.com/1424-8220/19/19/4107) +- 2019, Agarwal et al: [Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk](https://www.mdpi.com/1424-8220/19/19/4107) - 2019, Almakhdhub et al: [BenchIoT: A Security Benchmark for the Internet of Things](https://nebelwelt.net/publications/files/19DSN.pdf) - 2019, Alrawi et al: [SoK: Security Evaluation of Home-Based IoT Deployments](https://alrawi.github.io/static/papers/alrawi_sok_sp19.pdf) - 2019, Abbasi et al: [Challenges in Designing Exploit Mitigations for Deeply Embedded Systems](https://ieeexplore.ieee.org/abstract/document/8806725) @@ -165,15 +165,14 @@ Software tools for analyzing embedded/IoT devices and firmware. ## Case Studies - - -- [IoT Security@CERN](https://doi.org/10.5281/zenodo.1035034) [![DOI](https://zenodo.org/badge/DOI/10.5281/zenodo.1035034.svg)](https://doi.org/10.5281/zenodo.1035034) + - [Binary Hardening in IoT products](https://cyber-itl.org/2019/08/26/iot-data-writeup.html) - [Cracking Linksys “Encryption”](http://www.devttys0.com/2014/02/cracking-linksys-crypto/) - [Deadly Sins Of Development](https://youtu.be/nXyglaY9N9w) - Conference talk presenting several real world examples on real bad implementations :tv:. - [Dumping firmware from a device's SPI flash with a buspirate](https://www.iotpentest.com/2019/06/dumping-firmware-from-device-using.html) - [Hacking the DSP-W215, Again](http://www.devttys0.com/2014/05/hacking-the-dspw215-again/) - [Hacking the PS4](https://cturt.github.io/ps4.html) - Introduction to PS4's security. +- [IoT Security@CERN](https://doi.org/10.5281/zenodo.1035034) - [Multiple vulnerabilities found in the D-link DWR-932B](https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html) - [Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol](https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html) - [PWN Xerox Printers (...again)](https://www.fkie.fraunhofer.de/content/dam/fkie/de/documents/xerox_phaser_6700_white_paper.pdf)