| Presentation | 2024-03-21 One Million Routers Under Control: Vulnerabilities in DDNS of IoT Devices Kanta Okugawa, Yoshiki Mori, Masaki Kubo, Takahiro Kasama, Koichi Mouri, Daisuke Inoue, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | IoT devices such as routers and webcams have dynamic DNS (DDNS) functions as one of the methods to remotely manage devices. While DDNS enhances the convenience of remote management, it also poses risks of making it easier for attackers to access to the IoT devices. Therefore, it is necessary to be careful about the secure implementation and use of DDNS functions. However, to our knowledge, there has been to no research on the use of DDNS functions in IoT devices. In this study, we conducted a survey of DDNS functions in IoT devices sold in Japan in order to clarify the usage status and risks of DDNS functions in IoT devices. As a result, we found a vulnerability in the implementation of the DDNS function in a specific vendor's router, which is used in more than one million units worldwide, and an attack method that allows a malicious third party to steal the router's authentication information. In this paper, in addition to the results of these investigations, we discuss the actual situation of vulnerability exploitation based on long-term tracking of DDNS domains, and present a policy for the secure implementation and use of DDNS functions in IoT devices. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | IoT Device / DDNS / MITM Attack / Authentication Information Theft |
| Paper # | ICSS2023-78 |
| Date of Issue | 2024-03-14 (ICSS) |
| Conference Information | |
| Committee | ICSS / IPSJ-SPT |
|---|---|
| Conference Date | 2024/3/21(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | OIST |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Security, Trust, etc. |
| Chair | Daisuke Inoue(NICT) |
| Vice Chair | Akira Yamada(Kobe Univ.) / Toshihiro Yamauchi(Okayama Univ.) |
| Secretary | Akira Yamada(Mitsubishi Electric) / Toshihiro Yamauchi(Univ. of Electro-Comm.) |
| Assistant | Yo Kanemoto(NTT) / Masaya Sato(Okayama Prefectural Univ.) |
| Paper Information | |
| Registration To | Technical Committee on Information and Communication System Security / Special Interest Group on Security Psychology and Trust |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | One Million Routers Under Control: Vulnerabilities in DDNS of IoT Devices |
| Sub Title (in English) | |
| Keyword(1) | IoT Device |
| Keyword(2) | DDNS |
| Keyword(3) | MITM Attack |
| Keyword(4) | Authentication Information Theft |
| 1st Author's Name | Kanta Okugawa |
| 1st Author's Affiliation | Ritsumeikan University/NICT(Ritsumei/NICT) |
| 2nd Author's Name | Yoshiki Mori |
| 2nd Author's Affiliation | NICT(NICT) |
| 3rd Author's Name | Masaki Kubo |
| 3rd Author's Affiliation | NICT(NICT) |
| 4th Author's Name | Takahiro Kasama |
| 4th Author's Affiliation | NICT(NICT) |
| 5th Author's Name | Koichi Mouri |
| 5th Author's Affiliation | Ritsumeikan University(Ritsumei) |
| 6th Author's Name | Daisuke Inoue |
| 6th Author's Affiliation | NICT(NICT) |
| Date | 2024-03-21 |
| Paper # | ICSS2023-78 |
| Volume (vol) | vol.123 |
| Number (no) | ICSS-448 |
| Page | pp.pp.63-70(ICSS), |
| #Pages | 8 |
| Date of Issue | 2024-03-14 (ICSS) |