SVAF: A Modular Framework for Comprehensive Smartwatch Vulnerability Assessment
摘要
Since smartwatches are becoming integral part of everyone’s life as a personal IoT device, their security threats are growing due to their increasing complexity and links to the Internet. Even though many people own smartwatches, good and easily implemented vulnerability check systems for them are not available. The paper presents SVAF (Smartwatch Vulnerability Assessment Framework), a flexible and adaptable framework that checks a smartwatch’s security from various angles. Using both manual and automated methods, SVAF links functions such as Bluetooth review, examining firmware, looking up CVE-based vulnerabilities, scanning app permissions and simulating exploits. SVAF includes support for the CLI and GUI, it addresses different needs of security researchers, auditors and developers. SVAF is tested on various smartwatch models running different operating systems to highlight its variety, usefulness and effectiveness. In the findings, It shows important weak points that were not identified before and explain how SVAF speeds up analyzing security in wearable devices.