1. College of Computer Science and Technology, North China University of Technology, Beijing 100144, China
2. Cyber Security Guard, Sichuan Provincial Public Security Department, Chengdu Sichuan 610000, China
3. Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876, China
4. Guizhou Provincial Key Laboratory of Public Big Data, Guizhou University, Guizhou Guiyang 550025, China

Abstract:

With the rapid development and popularization of the Internet of Things(IoTs), the proportion of attacks on Internet of Things is increasing year by year. In order to scientifically evaluate the vulnerabilities of IoT system, this paper proposes a vulnerability correlation hazard assessment method. Unlike the traditional method of evaluating a single vulnerability in isolation, this vulnerability correlation assessment method uses the CVSS v3 evaluation index, based on the vulnerability correlation graph and the risk matrix, and takes into account the relationship between pre-order vulnerability node and pose-order vulnerability node and vulnerability itself. Experiments show that the method has effective guides for protection of cyberspace security and can avoid the IoT devices that have high correlation hazard vulnerabilities controlled by attackers to launch DDoS attacks or to become a blockchain mining tools.

Key words: vulnerability assessment, blockchain, correlation

漏洞分类和描述

漏洞分类	详细内容
不安全的Web接口	在智能设备的Web接口存在XSS、CSRF或SQL漏洞,使用默认用户名和密码,缺乏账户锁定机制
不安全的认证/授权	利用用户的弱密码、密码恢复机制的缺陷以及双因子身份验证机制的缺失来控制智能设备
不安全的网络服务	开放了不必要的端口、通过UPnP向互联网暴露端口以及开放了易受DoS攻击的网络服务
缺乏传输加密/完整性验证	敏感信息以明文形式传递、SSL/TLS不可用或配置不当或使用了专有加密协议。含有这类漏洞的设备容易受到MiTM攻击
不安全的隐私保护	收集的个人信息过多、收集的信息没有得到适当的保护或最终用户无权决定允许收集哪类数据
不安全的云接口	只要攻击者能够访问Internet,就可以获取私人数据
不安全移动设备接口	使用弱密码、缺乏双因子认证和帐户锁定机制
安全可配置性不足	由于用户无法管理或使用安全机制,导致安全机制无法对设备充分发挥作用
不安全的软件/固件	由于系统没有进行相应完整性或真实性检查,使攻击者能够安装任意固件
缺少物理安全措施	只要拆开智能设备,即可获取MCU、外部存储器等

CVSS v3.0 漏洞属性描述

属性组	属性向量
Base	AV:[N,A,L,P]/AC:[L,H]/PR:[N,L,H]/UI:[N,R]/S:[U,C]/C:[H,L,N]/I:[H,L,N]/A:[H,L,N]
Temporal	E:[X,H,F,P,U]/RL:[X,U,W,T,O]/RC: [X,C,R,U]
Environmental	CR:[X,H,M,L]/IR:[X,H,M,L]/AR:[X,H,M,L]/MAV:[X,N,A,L,P]/MAC:[X,L,H]/MPR:[X,N,L,H]/MUI:[X,N,R]/MS:[X,U,C]/MC:[X,N,L,H]/MI: [X,N,L,H]/MA:[X,N,L,H]

CVSS v3.0 属性取值赋值

属性	属性取值	对应数值
AV (Attack Vector)	N (Network)	0.85
	A (Adjacent Network)	0.62
	L (Local)	0.55
	P (Physical)	0.2
AC (Attack Complexity)	L (Low)	0.77
	H (High)	0.44
PR (Privilege Required)	N (None)	0.85
	L (Low)	0.62 (如果更改/修改范围,则为0.68)
	H (High)	0.27 (如果更改/修改范围,则为0.50)
UI (User Interaction)	N (None)	0.85
	R (Required)	0.62
E(Exploit Code Maturity)	X (Not Defined)	1
	H (High)	1
	F (Functional)	0.97
	P (Proof of Concept)	0.94
	U (Unproven)	0.91

CVSS v3.0给出的漏洞属性

漏洞编号	CVE编号	Base值	Temporal值
V 1	CVE-2016-6277	AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	E:X
V 2	CVE-2015-0569	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	E:X
V 3	CVE-2017-8224	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	E:X
V 4	CVE-2017-0781	AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	E:X
V 5	CVE-2016-1896	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	E:X
V 6	CVE-2017-7494	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	E:X

沪ICP备12039260号-9
电话：010-88118778/88114408/88111078　E-mail： [email protected]
地址：北京市海淀区阜成路58号新洲商务大厦6层610　邮编：100142
本系统由北京玛格泰克科技发展有限公司设计开发