TY - JOUR
T1 - Exposed by Default
T2 - A Security Analysis of Home Router Default Settings and Beyond
AU - Ye, Junjian
AU - De Carne De Carnavalet, Xavier
AU - Zhao, Lianying
AU - Zhang, Mengyuan
AU - Wu, Lifa
AU - Zhang, Wei
N1 - Publisher Copyright: © 2014 IEEE.
PY - 2025/1/15
Y1 - 2025/1/15
N2 - With the popularity of the Internet, home routers have become crucial for the security of home networks. However, according to the results of our user survey, home routers are often deployed with minimal changes to the factory default settings, which may pose risks to user security and privacy. To systematically evaluate potential risks, we designed a threat-model-based framework and conducted a comprehensive analysis of 40 commercial off-the-shelf home routers from 14 brands. We found a variety of security issues, among which incorrect implementation of TLS is the most common. To improve the efficiency of manually detecting TLS certificate validation vulnerabilities without real routers, we proposed a heuristic method that can narrow down the search scope in firmware and proved its effectiveness with 30 available firmware images of the routers we purchased. Moreover, we evaluated the security of custom remote management protocols and found several cryptographic misuses. Finally, we proposed several recommendations for extending the analysis framework and discussed our ideas about automatically detecting security issues to highlight the need for heightened scrutiny of default settings and inspire other researchers.
KW - Default settings
KW - home router security
KW - manual analysis
KW - TLS misconfiguration
UR - https://www.scopus.com/pages/publications/85210303879
UR - https://www.scopus.com/inward/citedby.url?scp=85210303879&partnerID=8YFLogxK
U2 - 10.1109/JIOT.2024.3502405
DO - 10.1109/JIOT.2024.3502405
M3 - Article
AN - SCOPUS:85210303879
SN - 2327-4662
VL - 12
SP - 1182
EP - 1199
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
IS - 2
ER -