PLUG AND PLAY (UPNP): ATTACK METHODS AND PROTECTION MEASURES

Authors

  • Leticia Chuquiana Casicana
  • Galo López Sevilla

Keywords:

UPnP, connection, protocols, RSL

Abstract

Universal Plug and Play (UPnP), facilitates connectivity between devices belonging to the same local network and communication of programs with third-party servers, this technology is activated by default in some routers which avoids the manual configuration for opening ports in the router, as this is done automatically. As it is a technology for communication and connectivity either between devices or programs on the Internet, can become insecure, since ill-intentioned people can access the network taking advantage of the fact that this protocol is active, putting both personal information and devices connected to the same network at risk. Therefore, this study is important because, helps to identify the attack methods used to attack the UPnP protocol and define the protection measures that can be applied when using this technology. The objective of this research is to identify the methods of attacking and UPnP protection measures, which will have bibliographic research with a qualitative approach, in addition, the SLR methodology is applied for the systematic review of the literature and article development. At the end of this research work, it is expected to have a document that will be of help to mitigate cyber-attacks on users who have UPnP protocol active.

References

(Alvarado, 2020), (Carrizo & Moller, 2018), (Carron, Wabersich, & Zeilinger, 2021), (Check Point, 2021), (Coello, 2021), (Cohen & Gómez, 2019), (Ghimiray, 2022), (Grimmett & O'Neill, 2012), (Guo & Li, 2013), (Hasib & Mottalib, 2010), (IEEE Xplore, 2022), (Izaguirre Olmedo & León Gavilánez, 2018), (Iño, 2018), (Kayas, Hossain, Payton, & Islam, 2020), (Kayas, Hossain, Payton, & Islam, 2021), (Kayas, Hossain, Payton, & Islam, 2020), (Kitchenham & Charters, 2007), (Maestre, 2015), (Martín & Lafuente, 2017), (Microsoft, 2022), (Miranda, 2019), (Rapid7, 2013), (Morales, 2022), (Mussi, Barreto, & Cugnasca, 2016), (Nava-Lopez, et al., 2019), (Pehkonen & Koivisto, 2010), (Pons Gamon, 2017), (Salazar & Novoa, 2022), (Sales, Sales, Almeida, Perkusich, & Sales, 2013), (Santos, et al., 2020), (Sánchez, 2019), (Zheng, Li, & Chen, 2011), (Fundación Proydesa, 2022)

Downloads

Published

2024-02-11

How to Cite

Chuquiana Casicana, L., & López Sevilla, G. (2024). PLUG AND PLAY (UPNP): ATTACK METHODS AND PROTECTION MEASURES. ReCIBE, Electronic Journal of Computing, Informatics, Biomedical and Electronics, 12(2), C9–12. Retrieved from http://recibe.cucei.udg.mx/index.php/ReCIBE/article/view/294

Issue

Vol. 12 No. 2 (2023): Nov 2023 - Abr 2024

Section

Computer Science & IT

License

Copyright (c) 2024 ReCIBE, electronic journal of Computing, Informatics, Biomedical and Electronics