Abstract | The Internet of Things (IoT) is an emerging paradigm that aims to create interconnected and automated systems that facilitate human labor and improve living conditions. Nevertheless, with the increasing popularity of IoT devices, the safety of private data may be at risk as attackers begin to discover new ways of compromising privacy by exploiting vulnerabilities within such devices. This paper will discuss and address one such vulnerability of IoT devices achieved through firmware extraction. For this, this paper will explain and analyze the most commonly used methods for this process, namely, extraction through direct interfacing with the flash drive or through UART and JTAG interfaces. Finally, this paper will cover security implications and risks associated with firmware extraction, as well as potential means through which to guard against such attacks.
|
---|