Abstract | ||
---|---|---|
Embedded devices with web interfaces are prevalent, but, due to memory and processing constraints, implementations typically make use of Common Gateway Interface (CGI) binaries written in low-level, memory-unsafe languages. This creates the possibility of memory corruption attacks as well as traditional web attacks. We present Umbra, an application-layer firewall specifically designed for protecting web interfaces in embedded devices. By acting as a "friendly man-in-the-middle," Umbra can protect against attacks such as cross-site request forgery (CSRF), information leaks, and authentication bypass vulnerabilities. We evaluate Umbra's security by analyzing recent vulnerabilities listed in the CVE database from several embedded vendors and find that it would have prevented half of the vulnerabilities. We also show that Umbra comfortably runs within the constraints of an embedded system while incurring minimal performance overhead. |
Year | DOI | Venue |
---|---|---|
2015 | 10.1007/978-3-319-40385-4_8 | Lecture Notes in Computer Science |
Keywords | Field | DocType |
Embedded security,Firewall,Web security | Common Gateway Interface,Internet security,Authentication,Firewall (construction),Computer security,Memory corruption,Computer science,Application firewall,Cloud computing security,Web application security | Conference |
Volume | ISSN | Citations |
9588 | 0302-9743 | 0 |
PageRank | References | Authors |
0.34 | 10 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Travis Finkenauer | 1 | 40 | 1.76 |
J. Alex Halderman | 2 | 2301 | 149.67 |