Poster: Snout - An Extensible IoT Pen-Testing Tool

Mikulskis, John and Becker, Johannes K. and Gvozdenovic, Stefan and Starobinski, David

November 2019

Abstract

Network mapping tools designed for IP-based networks generally do not provide access to non-IP based wireless protocols used by Internet of Things (IoT) devices, such as Zigbee and Bluetooth LE. We present Snout, a versatile and extensible software defined radio-based tool for IoT network mapping and penetration testing. Snout is geared towards the various IoT protocols that are not accessible with traditional network enumeration tools, such as Nmap. The tool allows for device enumeration, vulnerability assessment, as well as more offensive techniques such as packet replay and spoofing, which we demonstrate for the Zigbee protocol. Snout is built on an open-source stack, and is designed for extensibility towards other IoT protocols and capabilities.

Bibtex

@inproceedings{10.1145/3319535.3363248,
author = {Mikulskis, John and Becker, Johannes K. and Gvozdenovic, Stefan and Starobinski, David},
title = {Snout: An Extensible IoT Pen-Testing Tool},
year = {2019},
isbn = {9781450367479},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/3319535.3363248},
doi = {10.1145/3319535.3363248},
abstract = {Network mapping tools designed for IP-based networks generally do not provide access to non-IP based wireless protocols used by Internet of Things (IoT) devices, such as Zigbee and Bluetooth LE. We present Snout, a versatile and extensible software defined radio-based tool for IoT network mapping and penetration testing. Snout is geared towards the various IoT protocols that are not accessible with traditional network enumeration tools, such as Nmap. The tool allows for device enumeration, vulnerability assessment, as well as more offensive techniques such as packet replay and spoofing, which we demonstrate for the Zigbee protocol. Snout is built on an open-source stack, and is designed for extensibility towards other IoT protocols and capabilities.},
booktitle = {Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security},
pages = {2529--2531},
numpages = {3},
keywords = {fuzzing, internet of things, device enumeration, vulnerability assessment},
location = {London, United Kingdom},
series = {CCS '19}
}