Determining home users' vulnerability to Universal Plug and Play (UPnP) attacks

Esnaashari, Shadi, Welch, Ian and Komisarczuk, Peter (2013) Determining home users' vulnerability to Universal Plug and Play (UPnP) attacks. In: Proceedings of the 2013 27th International Conference on Advanced Information Networking and Applications Workshops (WAINA). IEEE, pp. 725-729. ISBN 9781467362399

Full text not available from this repository.

Abstract

Universal Plug and Play (UPnP) technology is used worldwide since it has simplified the installation and management of the devices. As a result, many devices are now equipped with UPnP capabilities. Unfortunately using UPnP in home routers puts routers at risk of abuse. For example, it is easier for hackers to discover the devices and use device vulnerabilities in order to make malicious attacks to cause financial or reputation damage to the users. In this paper, we have analyzed the UPnP protocol and its different vulnerabilities. Furthermore, we have emphasized how common the problem is with the home users' devices. Hence, we suggest a tool to achieve transparency in the health of the Internet by detecting UPnP enabled devices which are likely to be attacked on home networks. The tool will look for UPnP based attacks when people's routers have been compromised. The tool is easy to install and use for novice home users and maintains their privacy too. This project aims not only to implement a tool for a user to determine whether his/her system is vulnerable to a particular attack, but also to measure the prevalence of vulnerabilities at national or global level. Thus a larger framework is required to collect and manage the results from individual users.

Item Type: Book Section
Uncontrolled Keywords: Security, Network Measurement, UPnP
Subjects: Computing
Depositing User: Vani Aul
Date Deposited: 21 Mar 2014 16:05
Last Modified: 14 Mar 2017 10:16
URI: http://repository.uwl.ac.uk/id/eprint/760

Actions (login required)

View Item View Item

Menu