Affiliation: Department of Biochemistry and Forensic Science, School of Science, Gujarat University, India
Email: kasaza.os@gmail.com
Supervisors: Dr. Kapil Kumar (Associate Professor), Dr. Twisha Shah
Affiliation: Department of Biochemistry and Forensic Science, School of Science, Gujarat University, India
The ubiquity and versatility of the Internet of Things (IoT) have elevated its significance as a major concern in the cybersecurity domain. The number of IoT devices and the volume of data they generate are steadily increasing globally. Consequently, IoT devices have become avenues for attackers to exploit various systems and network infrastructures, as attackers perceive them as low-hanging fruit to leverage for illegal activities. These devices connect and communicate within the IoT ecosystem via various technologies, including Bluetooth, Wi-Fi, USB, and the cloud. IoT technology has various applications, with SCADA, ICS, and Industrial IoT (IIoT) being among the most critical areas. Thus, this study aims to perform a comprehensive security assessment of the implementation of IoT technology in Windows-supported environments, with a focus on exploiting the Windows OS through the IoT attack vector, leveraging the USB protocol. Given that the Windows OS is the predominant operating system, utilized in 90% of desktops, laptops, or workstations and in 33% of servers globally, it is susceptible to this type of threat. This security assessment adopts the MITRE ATT&CK matrices and the STRIDE framework to provide a comprehensive approach and analysis. The assessment achieved the execution of privileged commands on the victim device, resulting in a successful compromise. The implementation of IoT technology poses significant security risks, potentially causing severe damage to consumer, commercial, and industrial infrastructure, making it crucial to be aware of these risks.
Keywords: cybersecurity, IoT, IIoT, Windows OS, USB protocol, exploit, critical infrastructures, MITRE ATT&CK
The Internet of Things (IoT) has transformed various industries by connecting billions of devices worldwide. However, these devices often lack proper security controls, making them prime targets for cyber threats. This paper analyzes and implements an IoT attack vector targeting Windows systems to uncover vulnerabilities and propose mitigation strategies.
This research employs an experimental approach using an IoT device (Raspberry Pi Zero W) connected via USB to a Windows machine. The attack consists of three main stages:
The attack was performed in a controlled environment using the following:
The security assessment successfully compromised Windows OS using an IoT device via USB. The attack achieved:
These results emphasize the need for stricter security measures, including USB whitelisting and endpoint detection systems.
This study highlights the vulnerabilities posed by IoT devices when integrated with Windows OS. The findings call for immediate security improvements in IoT implementations, particularly in critical infrastructures.
@article{Kasaza2024,
author = {Sylvester Otieno Kasaza},
title = {Implementation and Analysis of IoT Attack Vector on Windows Systems},
journal = {Intelisav Research},
year = {2024},
doi = {10.5281/zenodo.14886141},
url = {https://intelisav.com/research/iot_attack_vector.html}
}