Security challenges in d2d communication by ajithkumar vyasarao


More info : https://cysinfo.com/10th-quarterly-meetup-29th-july-2017/


  1. Security Challenges in D2D Communications
     AJITHKUMAR VYASARAO, CCNA Cyber Ops, CCIE Service Provider, Cisco Security Ninja Black Belt
  2. Agenda
     • Introduction
     • Security and Privacy Challenges
  3. Introduction
     • We are witnessing a revolution in device-to-device communication. There are standards for personal area networks, such as Bluetooth and ZigBee.
     • These technologies have mainly focused on reliable and fast communication.
     • At the same time, there is a need to provide more safety in this domain.
  4. D2D communications scope
     • Device-to-device communication encompasses technologies such as:
       • Bluetooth
       • Wi-Fi
       • IoT
       • Mobile and handheld devices
  5. D2D communication
     • Vulnerable to various security issues:
       • Passive eavesdropping
       • Active eavesdropping
       • Side-channel attacks
  6. D2D Communication
     • Confidentiality
     • Integrity
     • Availability
  7. Network-based anomaly detection
     • Collect and analyze flows
     • Establish a baseline
     • Alarm on detected anomalies
  8. Alerts and Actions
     • All decisions of security controls can be classified as one of the following:
       • True positives: The security control, such as an IPS or IDS sensor, acted as a consequence of malicious activity, which represents normal and optimal operation.
       • False positives: The security control acted as a consequence of non-malicious activity, which represents an error, generally caused by too tight proactive controls (which do not permit all legitimate traffic) or too relaxed reactive controls (with too broad descriptions of the attack).
       • True negatives: The security control has not acted, because there was no malicious activity, which represents normal and optimal operation.
       • False negatives: The security control has not acted, even though there was malicious activity, which represents an error, generally caused by too relaxed proactive controls (which permit more than just minimal legitimate traffic) or too specific reactive controls (with too-specific descriptions of the attack).
  9. Cyber Kill Chain Model
     • There are 2 models:
       • Cyber kill chain model
       • Diamond model
  10. Cyber Kill Chain Model
     • The cyber kill chain model explains the various stages of an attack:
       • Reconnaissance
       • Weaponization
       • Delivery
       • Exploitation
       • Installation
       • Command-and-control
       • Actions on Objectives
  11. Cyber Kill Chain
     • Originally introduced by Lockheed Martin
     • The cyber kill chain has 7 stages.
     • Attackers do not necessarily need to follow the exact steps and sequences of the cyber kill chain.
  12. Diamond Model
     • Adversary
     • Infrastructure
     • Victim
     • Capability
  13. Diamond Model
     • Developed by Caltagirone, Pendergast, and Betz
     • The four nodes in the model are: adversary, capability, infrastructure, victim
     • An event is described as an adversary deploying a capability over some infrastructure against a victim
  14. Q&A
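
The baseline-then-alarm workflow of slide 7 and the four alert outcomes of slide 8, as an added example that is not part of the original slides. The per-flow byte counts, the ground-truth labels and the use of a mean/standard-deviation threshold are assumptions made for illustration; the slides do not name a detection method.

```python
from statistics import mean, stdev

# Constructed sample data: bytes per flow seen from one hypothetical device
# during a known-clean period (the "establish baseline" step).
BASELINE_FLOWS = [510, 495, 530, 505, 488, 520, 515, 500, 492, 525]

# Constructed flows to evaluate, each with an assumed ground-truth label.
OBSERVED = [
    (512, False),   # ordinary traffic
    (498, False),   # ordinary traffic
    (4800, True),   # bulk transfer by an attacker
    (900, False),   # legitimate but unusually large update check
    (530, True),    # malicious flow sized to blend in with normal traffic
]

def build_baseline(samples):
    """Return (mean, sample standard deviation) of the clean flows."""
    return mean(samples), stdev(samples)

def is_anomalous(value, baseline, threshold):
    """Alarm when the flow deviates more than threshold * sigma from the mean."""
    mu, sigma = baseline
    return abs(value - mu) > threshold * sigma

def classify(alerted, malicious):
    """Map one control decision onto the four outcomes of slide 8."""
    if alerted:
        return "TP" if malicious else "FP"
    return "FN" if malicious else "TN"

def evaluate(observed, baseline, threshold=3.0):
    """Count TP/FP/TN/FN for a set of labelled flows at a given threshold."""
    counts = {"TP": 0, "FP": 0, "TN": 0, "FN": 0}
    for value, malicious in observed:
        counts[classify(is_anomalous(value, baseline, threshold), malicious)] += 1
    return counts

if __name__ == "__main__":
    base = build_baseline(BASELINE_FLOWS)
    # A broad rule (low threshold) trades false negatives for false positives;
    # a narrow rule (high threshold) does the opposite.
    for t in (1.0, 3.0, 30.0):
        print(f"threshold={t:>4}: {evaluate(OBSERVED, base, t)}")
```
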
