Project Details
Description
Walking Among Digital Ghost Ships: Cyber-security Issues in Abandoned Internet-enabled Devices
Key findings
- The Internet is flooded with vulnerable devices that lack security management.
Layman's description
Do you remember the last time you updated your telephone? Does it even receive updates anymore? Internet-connected devices that are outdated or misconfigured are an open door that welcomes attackers to take control of our systems. With the rapid digitization and commoditization of devices using the Internet, we are introducing an increasing number of devices without considering their cyber-security implications. Think of all the devices you use daily and what could happen if an attacker controlled them. From smartphones and home appliances (e.g., voice assistants, smart thermostats and light bulbs) to devices at your workplace (e.g., printers, assembly machines and measurement devices) or life-sustaining devices (e.g., insulin pens and remote medical care).
To ensure the security of Internet-connected devices, it is important to establish healthy security habits (e.g., installing the latest updates and using strong credentials). However, following the latest security guidelines does not necessarily mean we are out of risk. Other external factors play a crucial role in determining the device’s security, such as the device's life cycle (i.e., when they stop receiving updates), the manufacturer's cyber-security posture (i.e., which and when vulnerabilities are patched), and how the device is used in practice (e.g., devices purchased in bulk tend to be pre-configured). Maintaining security across devices has become an overly challenging task, resulting in many devices being active but abandoned.
In this project, we introduce the term Digital Ghost Ships (DGSs) referring to abandoned Internet-connected devices. This term groups misconfigured and outdated devices with known vulnerabilities (e.g., unpatched systems, exposing vulnerable services, and post-end-of-life active devices) and devices with weak authentication (e.g., without passwords or using weak credentials). This project aims to develop new methods to identify DGSs and understand the cognitive challenges leading to the creation of DGSs. We argue that DGSs can be targeted using specially crafted probes aided by machine learning models. In addition, we will study the aspects of human behaviour that influence decision-making when dealing with cyber-security.
To ensure the security of Internet-connected devices, it is important to establish healthy security habits (e.g., installing the latest updates and using strong credentials). However, following the latest security guidelines does not necessarily mean we are out of risk. Other external factors play a crucial role in determining the device’s security, such as the device's life cycle (i.e., when they stop receiving updates), the manufacturer's cyber-security posture (i.e., which and when vulnerabilities are patched), and how the device is used in practice (e.g., devices purchased in bulk tend to be pre-configured). Maintaining security across devices has become an overly challenging task, resulting in many devices being active but abandoned.
In this project, we introduce the term Digital Ghost Ships (DGSs) referring to abandoned Internet-connected devices. This term groups misconfigured and outdated devices with known vulnerabilities (e.g., unpatched systems, exposing vulnerable services, and post-end-of-life active devices) and devices with weak authentication (e.g., without passwords or using weak credentials). This project aims to develop new methods to identify DGSs and understand the cognitive challenges leading to the creation of DGSs. We argue that DGSs can be targeted using specially crafted probes aided by machine learning models. In addition, we will study the aspects of human behaviour that influence decision-making when dealing with cyber-security.
| Short title | DGS |
|---|---|
| Status | Active |
| Effective start/end date | 01/01/2023 → 31/12/2025 |
Fingerprint
Explore the research topics touched on by this project. These labels are generated based on the underlying awards/grants. Together they form a unique fingerprint.