Journal: Internet of Things Journal, IEEE

Exploiting the Remote Server Access Support of CoAP Protocol


Abstract

The constrained application protocol (CoAP) is a specially designed Web transfer protocol for use with constrained nodes and low-power networks. The widely available CoAP implementations have failed to validate the remote CoAP clients. Each CoAP client generates a random source port number when communicating with the CoAP server. However, we observe that in such implementations it is difficult to distinguish a regular packet from a malicious packet, opening a door for a potential off-path attack. The off-path attack is considered a weak attack on a constrained network and has received less attention from the research community. However, the consequences resulting from such an attack cannot be ignored in practice. In this article, we exploit the combination of the IP spoofing vulnerability and the remote server access support of CoAP to launch an off-path attack. The attacker injects a fake request message to change the credentials of the 6LoWPAN smart door keypad lock system. This creates a request spoofing vulnerability in CoAP, and the attacker exploits this vulnerability to gain full access to the system. Through our implementation, we demonstrated the feasibility of the attack scenario on the 6LoWPAN-CoAP network using a smart door keypad lock. We proposed a machine learning (ML)-based approach to mitigate such attacks. To the best of our knowledge, we believe that this is the first article to analyze the remote CoAP server access support and request spoofing vulnerability of CoAP to launch an off-path attack and demonstrate how an ML-based approach can be deployed to prevent such attacks.
