TY - GEN
T1 - IoT-PEN
T2 - 34th International Conference on Information Networking, ICOIN 2020
AU - Yadav, Geeta
AU - Paul, Kolin
AU - Alaa Mohammed, Attia Allakany
AU - Okamura, Koji
N1 - Funding Information:
This research was supported by DST-JST project "Security in the IoT space", DST Grant Number RP03321, JST Grant Number JPMJSC16H3.
Publisher Copyright:
© 2020 IEEE.
PY - 2020/1
Y1 - 2020/1
AB - With the horizon of 5th generation wireless systems (5G), the Internet of Things (IoT) is expected to take the major portion of computing. The lack of inbuilt security and security protocols in cheap IoT devices gives privilege to an attacker to exploit these devices' vulnerabilities and break into the target device. IoT network security was initially perceived from the perspective of a single or a few attack surfaces only. However, attacks like Mirai, WannaCry, Stuxnet, etc. show that a cyber attack often comprises a series of attacks on vulnerabilities of victim devices to reach the target device. Penetration testing is generally used to identify the vulnerabilities/possible attacks on traditional systems periodically. A timely fix of these vulnerabilities can avoid future attacks. Traditional penetration testing methods focus on isolated and manual testing of a host that fails to detect attacks involving multi-hosts and multi-stages. In this paper, we introduced the first-of-its-kind IoT-PEN, a Penetration Testing Framework for IoT. The framework consists of a server-client architecture with "a system with resources" as server and all "IoT nodes" as clients. IoT-PEN is an end-to-end, scalable, flexible, and automatic penetration testing framework for IoT. IoT-PEN seeks to discover all possible ways an attacker can breach the target system using target-graphs. It constructs prerequisite and postconditions for each vulnerability using the National Vulnerability Database (NVD). We also demonstrated that even if an individual system is secure under some threat model, the attacker can use a kill-chain (a sequence of exploitation of multiple vulnerabilities on different hosts) to reach the target system.
UR - http://www.scopus.com/inward/record.url?scp=85082133345&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85082133345&partnerID=8YFLogxK
U2 - 10.1109/ICOIN48656.2020.9016445
DO - 10.1109/ICOIN48656.2020.9016445
M3 - Conference contribution
AN - SCOPUS:85082133345
T3 - International Conference on Information Networking
SP - 196
EP - 201
BT - 34th International Conference on Information Networking, ICOIN 2020
PB - IEEE Computer Society
Y2 - 7 January 2020 through 10 January 2020
ER -