IoT Attack Surfaces
作者:Someone was here
1. Network
1.1. Cloud
1.1.1. Secuirty Misconfigurations in Public Facing Services
1.1.1.1. MQTT
1.2. Local
1.2.1. Wired
1.2.1.1. CanBus
1.2.1.2. CoAP
1.2.1.3. ModBus
1.2.1.4. DICOM
1.2.2. Wireless
1.2.2.1. GSM/LTE
1.2.2.2. LoraWan
1.2.2.3. ZigBee
1.2.2.4. BLE
1.2.3. Authentication Bypass/ Cryptographic Vulnerabilities
2. Hardware
2.1. Glitching Attacks
2.2. Side Channel Attacks
2.3. Digital Siganl Leak to Air Medium
2.4. Exposed Hardware/Debugging Communication Pins
2.4.1. I2C
2.4.2. SPI
2.4.3. UART
2.4.4. JTAG
3. Software
3.1. Hard Coded Credentials
3.2. Mobile Apps
3.2.1. Android
3.2.2. iOS
3.3. Web UI/API Vulnerabilities
3.3.1. Owasp Top 10
3.4. Memory Corruption Flaws
3.4.1. In User Space Programs
3.4.2. Kernel Space Programs/ Drivers and Bootloaders
3.4.3. Stack Overflow, Heap Spray/ Overflow, Integer Overflow