Capture: Improve the security of your IoT devices

Capture is a firmware architecture developed and maintained by Han Zhang and the team at Carnegie Mellon University's CyLab Security and Privacy Institute. Using Capture allows you to push updates to IoT devices within your local network.

In this article, we'll look at what Capture is, examine its structure, and analyze how its implementation can benefit both IoT device owners and IoT device vendors.


Why use Capture?

The inspiration behind Capture comes from the fact that many IoT devices are not regularly patched for security vulnerabilities inherited from widely adopted, vulnerable libraries.

IoT vendors generally build their IoT software by integrating third-party libraries that are highly vulnerable to IoT-based attacks. The software developers behind these IoT devices embrace the ease of importing third-party libraries, which makes the coding process faster than writing their own libraries from scratch.

So when vendors use such libraries, they automatically inherit vulnerabilities from the original developer of the libraries. According to Han Zhang and his team, this is the most common source of such vulnerabilities and puts many homes at risk of cyber attacks.

How vulnerable are IoT devices?

Zhang and his team analyzed 122 different IoT firmware images and 27 different IoT devices within eight years of their release. The motivation for this research was threefold:

  1. To determine how extensive the use of third-party libraries was across all vendors
  2. To determine if the detected libraries were patched for vulnerabilities
  3. To determine if there were significant delays in updating corrected libraries from vendors

According to the survey data, Zhang and his team found that the vendors updated the libraries infrequently and that they most often used outdated and mostly vulnerable versions. They found that vendors did not update libraries for hundreds of days after critical vulnerabilities were made public.

Zhang concluded that relying on vendors for updates was problematic as it required too much effort and did not provide much incentive for vendors.

How does Capture work?

Capture performs centralized library management for your home. It acts as a WiFi hotspot for all your IoT devices and replaces their libraries with the latest versions, which are stored centrally on it.

An IoT device that supports Capture contains two components: Capture-enabled firmware on the device and a remote driver that uses third-party libraries on the Capture node on the local network. In this way, the following functions are achieved:

  1. Device integrity: Capture ensures that the integrity of the communication between the IoT device and its driver is stored and managed within Capture. This makes it easy to update the driver to ensure the IoT device works.
  2. Security: Logging ensures security in the IoT device environment.
  3. Ease of adoption: Capture makes it very easy to make any changes to IoT devices, as every change is made to the Capture node and not to the IoT device itself.
  4. Performance and scalability: Capture ensures the support of hundreds of IoT devices from a single node, all with the lowest possible overhead.

To achieve isolation and security, and to ensure that an attacker cannot compromise the node and abuse the connected IoT devices, Capture uses a feature of the WPA2 WiFi protocol to assign each device its own VLAN and unique network credentials.

Capture also assigns a unique virtual network interface to each device and places each device on a different subnet for security purposes. Capture creates separate security domains for each driver within the node to manage resource isolation, and also creates an isolated runtime environment for each device-driver pair, leveraging Linux security modules and the built-in firewall.

Capture blocks all network communications between local IoT devices except their drivers. This protects devices even if they have vulnerable firmware. These drivers are, however, allowed to communicate over the public .
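The isolation rules described above can be modelled as a default-deny policy. The following is an added example, not code from the Capture project: the address pool, VLAN base, function names and device names are constructed, and it assumes that drivers may reach only non-local addresses and may not reach each other.

```python
import ipaddress
import secrets

POOL = ipaddress.ip_network("10.77.0.0/24")  # constructed address pool (assumption)
FIRST_VLAN = 100                             # constructed VLAN base (assumption)

def allocate(device_names):
    """Give each device its own VLAN, /30 subnet, driver address and WiFi passphrase."""
    plan = {}
    subnets = POOL.subnets(new_prefix=30)
    for offset, name in enumerate(device_names):
        net = next(subnets)
        driver_ip, device_ip = list(net.hosts())  # a /30 has exactly two usable hosts
        plan[name] = {
            "vlan": FIRST_VLAN + offset,
            "subnet": net,
            "driver_ip": driver_ip,            # driver's virtual interface on the node
            "device_ip": device_ip,            # the IoT device itself
            "psk": secrets.token_urlsafe(24),  # unique per-device credential
        }
    return plan

def owner(plan, ip):
    """Return (device name, role) for an address inside the plan, else None."""
    ip = ipaddress.ip_address(ip)
    for name, entry in plan.items():
        if ip == entry["device_ip"]:
            return name, "device"
        if ip == entry["driver_ip"]:
            return name, "driver"
    return None

def allowed(plan, src, dst):
    """Default deny; permit only device<->own driver and driver->external."""
    s, d = owner(plan, src), owner(plan, dst)
    if s and d:
        # Both ends are local: only a device and its own driver may talk.
        return s[0] == d[0] and s[1] != d[1]
    if s and s[1] == "driver" and d is None:
        # Assumption: a driver may reach addresses outside the local pool.
        return ipaddress.ip_address(dst) not in POOL
    return False
```

Because every device sits alone in its subnet with its driver, a device with vulnerable firmware has no path to any other device under this policy.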

What are the limitations of Capture?

As with any innovative solution, some limitations currently prevent this plan from being implemented. Here are some of those obstacles.

  1. Single point of failure: This is the most obvious challenge because it means that if the Capture node goes down for any reason, the entire local network is left vulnerable.
  2. Vendor incentives and adoption challenges: One challenge is getting vendors to agree to integrate and use Capture.
  3. Protocol compatibility: There are several challenges regarding protocol compatibility between IoT devices and the Capture node.
  4. Augmenting device resources: Research is still ongoing. It remains quite difficult to improve the performance of IoT devices in the local network by improving their storage and processing capabilities, and it is not yet possible to do this.
  5. Firmware splitting: Capture suggests breaking the monolithic firmware into remote and local components. This approach faces practical challenges such as data serialization, consistency, and fault tolerance.


Written by Anastasis Vasileiadis
