SlideShare a Scribd company logo

Hacking a Bird in the Sky: Hijacking VSAT Connection

Jim Geovedi
Jim Geovedi

The document discusses hacking satellite internet connections through VSAT systems. It provides background on satellites, how they are launched and positioned in orbit, and how satellite internet services work. It specifically focuses on VSAT systems, describing their topology and components, as well as how their signals are transmitted and received via satellite footprints. The goal is to demonstrate security flaws that could allow hijacking of VSAT connections.

TechnologyBusiness
1 of 46
Hacking a Bird in the Sky Hijacking Very Small Aperture Terminal (VSAT) Connections Jim Geovedi and Raditya Iryandi BELLUA ASIA PACIFIC
Hacking a Bird in The Sky Disclaimer This presentation is intended to demonstrate the inherent security, design and configuration flaws in publicly accessible satellite communication networks and promote the use of safer satellite communication systems. Viewers and readers are responsible for their own actions and strongly encourage to behave themselves. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 2
Hacking a Bird in The Sky Satellite • A satellite is any object that orbits another object (which known as its primary). Artificial Satellites • It was the English sci-fi writer Arthur C. Clarke who conceived the possibility of artificial communication satellites in 1945. Clarke examined the logistics of satellite launch, possible orbits and other aspects. • The first artificial satellite was Sputnik 1 launched by Soviet Union on 4 October 1957 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 3
Hacking a Bird in The Sky Types of Artificial Satellites • Astronomical satellites • Solar power satellites • Reconnaissance satellites • Space stations • Navigation satellites • Weather satellites • Killer satellites/anti-satellite weapons • Miniaturised satellites • Biosatellites Warning: You are allowed to steal any contents of this material with or without notifying the authors. 4
Hacking a Bird in The Sky How is a Satellite Launched into an Orbit? Warning: You are allowed to steal any contents of this material with or without notifying the authors. 5
Hacking a Bird in The Sky Satellite Internet Services • Used in locations where terrestrial Internet access is not available and in locations which move frequently, e.g. vessels at sea and war zone. • Can be used where the most basic utilities are lacking, require a generator or battery power supply that can produce enough electricity. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 6
Hacking a Bird in The Sky Three Types of Satellite Internet Services • One-way multicast: used for IP multicast-based data, audio and video distribution. Most Internet protocols will not work correctly over one-way access, since they require a return channel. • One-way with terrestrial return: used with traditional dial-up access to the Internet, with outbound data travelling through a telephone modem, but downloads are sent via satellite at a speed near that of broadband Internet access. • Two-way satellite access: allows upload and download data communications. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 7
Hacking a Bird in The Sky Very Small Aperture Terminal (VSAT) • Two-way satellite ground station with a dish antenna that is smaller than 3 metres. • Nearly all VSAT systems are now based on IP, with a very broad spectrum of applications. • Most commonly used interactive and transactional application (online communication between head office and branches, flight ticket and hotel reservation, ATM (Automated Teller Machine) and small data traffic) and terminal application with centralised database (data entry, inventory control and payment point) Warning: You are allowed to steal any contents of this material with or without notifying the authors. 8
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 9
Hacking a Bird in The Sky Internal Computer (TT&C) Body Power source Attitude control Grapple Fixture Communications Satellite Anatomy Warning: You are allowed to steal any contents of this material with or without notifying the authors. 10
Hacking a Bird in The Sky The Control Centre Warning: You are allowed to steal any contents of this material with or without notifying the authors. 11
Hacking a Bird in The Sky Tracking, Telemetry and Command Station Warning: You are allowed to steal any contents of this material with or without notifying the authors. 12
Hacking a Bird in The Sky Topologies of VSAT • A star topology, using a central uplink site, such as a network operations centre (NOC), to transport data back and forth to each VSAT terminal via satellite, • A mesh topology, where each VSAT terminal relays data via satellite to another terminal by acting as a hub, minimising the need for a centralised uplink site, • and a combination of both star and mesh topologies. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 13
Hacking a Bird in The Sky Satellite Footprint • The footprint of a satellite is the ground area that its transponders cover, and determines the satellite dish diameter required to receive each transponder's signal. • There is usually a different map for each transponder (or group of transponders) as each may be aimed to cover different areas of the ground. • Footprint maps usually show either the estimated minimal satellite dish diameter required, or the signal strength in each area measured in dBW. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 14
Hacking a Bird in The Sky 100º E - 145.9º E (SE Asia, Australia, China, Japan, Korea) Satellite Name Position HD TV TV Digital TV Analog Radio Digital Radio Analog Data ASIASAT 2 100.5º East 0 97 0 51 0 4 EXPRESS A2 103.0º East 0 13 0 12 0 2 ASIASAT 3S 105.5º East 0 258 0 56 0 22 CAKRAWARTA 1 107.7º East 0 70 0 19 0 5 TELKOM 1 108.0º East 0 57 0 0 0 4 AAP 1 108.2º East 0 57 0 0 0 17 BSAT 1A, 2A 110.0º East 10 3 4 14 0 0 JCSAT 110 110.0º East 0 63 0 20 0 0 SINOSAT 1 110.5º East 0 59 0 36 0 4 PALAPA C2 113.0º East 0 31 2 4 0 8 KOREASAT 2 113.0º East 0 48 0 0 0 3 KOREASAT 3 116.0º East 0 125 0 1 0 12 TELKOM 2 118.0º East 0 1 0 0 0 0 THAICOM 1A 120.0º East 0 6 0 1 0 0 ASIASAT 4 122.0º East 0 79 0 1 0 17 JCSAT 4A 124.0º East 0 93 0 0 0 7 JCSAT 3 128.0º East 0 142 0 103 0 21 JCSAT 5A 132.0º East 0 2 0 0 0 0 APSTAR 6 134.0º East 0 46 2 55 0 3 APSTAR V / TELSTAR 18 138.0º East 0 151 0 0 0 2 EXPRESS AM3 140.0º East 0 14 0 8 0 1 SUPERBIRD C 144.0º East 0 57 0 4 0 0 source: http://www.satcodx4.com/eng/ accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 15
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 16
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 17
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 18
Hacking a Bird in The Sky MEASAT-1 @ 91.5º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 19
Hacking a Bird in The Sky PALAPA C2 @ 113.0º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 20
Hacking a Bird in The Sky TELKOM 1 @ 108.0º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 21
Hacking a Bird in The Sky TELKOM 2 @ 118.0º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 22
Hacking a Bird in The Sky Attacks against Satellite Systems It’s politically sensitive, but it’s going to happen. Some people don’t want to hear this, and it sure isn’t in vogue … but—absolutely—we’re going to fight in space. We’re going to fight from space and we’re going to fight into space… General Joseph W. Ashy Former Commander in Chief U.S. Space Command source: http://www.au.af.mil/au/awc/awcgate/saas/spacy_wl.pdf accessed on 21 September 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 23
Hacking a Bird in The Sky Hypothetical Attacks against Satellite Systems Warning: You are allowed to steal any contents of this material with or without notifying the authors. 24
Hacking a Bird in The Sky Denial of Service Attacks • Jam uplink and downlink • White noise at frequency. • Requires directed antenna. • Requires very low power. • Difficult to detect, especially if occurring at irregular intervals. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 25
Hacking a Bird in The Sky Denial of Service Attacks • Overpower uplink • Can be done with transportable satellite ground terminals • In tri-band (C-band, X-band, and Ku-band). • Power limited. • Uplink equipment now contains ID coding. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 26
Hacking a Bird in The Sky Orbital Positioning Attacks • Ranging transponder spoofing • Multiple ground stations triangulate satellite position using a series of tones sent to a transponder. • Ground stations observe phase differentials. • Ground or airborne spoofer could transmit false response, resulting in incorrect orbit determination. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 27
Hacking a Bird in The Sky Orbital Positioning Attacks • Direct commanding • Preparation and delivery of telecommand queue. • Command replay • Record outbound telecommand queue from TT&C facility. Replay later to initiate duplicate action. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 28
Hacking a Bird in The Sky Orbital Positioning Attacks • Insertion after confirmation but prior to execution • SCC formulates telecommand queue and sends to TT&C. • TT&C uplinks and receives readback, which it returns to SCC. • If readback is correct, SCC waits for proper time to execute. • Channel is vulnerable to update during this period — new telecommand queue may be uploaded prior to authenticated execute. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 29
Hacking a Bird in The Sky Practical Attacks against Satellite Systems Warning: You are allowed to steal any contents of this material with or without notifying the authors. 30
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 31
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 32
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 33
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 34
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 35
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 36
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 37
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 38
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 39
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 40
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 41
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 42
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 43
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 44
Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 45
Hacking a Bird in The Sky Discussion • Other attacks against satellite? • Law issues? Warning: You are allowed to steal any contents of this material with or without notifying the authors. 46

Recommended

開発者におくるサーバーレスモニタリング
開発者におくるサーバーレスモニタリング開発者におくるサーバーレスモニタリング
開発者におくるサーバーレスモニタリング
Amazon Web Services Japan
 
B2 改めて双方向通信について考えよう! 〜リモートアクセスのパターンとその実践〜 | SORACOM Technology Camp 2020
B2 改めて双方向通信について考えよう! 〜リモートアクセスのパターンとその実践〜 | SORACOM Technology Camp 2020B2 改めて双方向通信について考えよう! 〜リモートアクセスのパターンとその実践〜 | SORACOM Technology Camp 2020
B2 改めて双方向通信について考えよう! 〜リモートアクセスのパターンとその実践〜 | SORACOM Technology Camp 2020
SORACOM,INC
 
Threat hunting and achieving security maturity
Threat hunting and achieving security maturityThreat hunting and achieving security maturity
Threat hunting and achieving security maturity
DNIF
 
MuninとZABBIXで効率的トラブルシューティング
MuninとZABBIXで効率的トラブルシューティングMuninとZABBIXで効率的トラブルシューティング
MuninとZABBIXで効率的トラブルシューティング
Masahito Zembutsu
 
クラウド利活用セミナー資料 中里
クラウド利活用セミナー資料 中里クラウド利活用セミナー資料 中里
クラウド利活用セミナー資料 中里
Masahiro Nakazato
 
Identity as a Service - Etude IDaaS
Identity as a Service - Etude IDaaSIdentity as a Service - Etude IDaaS
Identity as a Service - Etude IDaaS
Marc Rousselet
 
TUTORIAL MEMBUAT GOOGLE CLASSROOM UNTUK PEMBELAJARAN OLEH ASEP PERDIANSYAH.pptx
TUTORIAL MEMBUAT GOOGLE CLASSROOM UNTUK PEMBELAJARAN OLEH ASEP PERDIANSYAH.pptxTUTORIAL MEMBUAT GOOGLE CLASSROOM UNTUK PEMBELAJARAN OLEH ASEP PERDIANSYAH.pptx
TUTORIAL MEMBUAT GOOGLE CLASSROOM UNTUK PEMBELAJARAN OLEH ASEP PERDIANSYAH.pptx
AsepPerdiansyah
 
Amazon ECS AWS Fargate あるとき~ ないとき~ (トレノケ雲の会 mod2)
Amazon ECS AWS Fargate あるとき~ ないとき~ (トレノケ雲の会 mod2)Amazon ECS AWS Fargate あるとき~ ないとき~ (トレノケ雲の会 mod2)
Amazon ECS AWS Fargate あるとき~ ないとき~ (トレノケ雲の会 mod2)
Trainocate Japan, Ltd.
 

Recommended

開発者におくるサーバーレスモニタリング
開発者におくるサーバーレスモニタリング開発者におくるサーバーレスモニタリング
開発者におくるサーバーレスモニタリング
Amazon Web Services Japan
 
B2 改めて双方向通信について考えよう! 〜リモートアクセスのパターンとその実践〜 | SORACOM Technology Camp 2020
B2 改めて双方向通信について考えよう! 〜リモートアクセスのパターンとその実践〜 | SORACOM Technology Camp 2020B2 改めて双方向通信について考えよう! 〜リモートアクセスのパターンとその実践〜 | SORACOM Technology Camp 2020
B2 改めて双方向通信について考えよう! 〜リモートアクセスのパターンとその実践〜 | SORACOM Technology Camp 2020
SORACOM,INC
 
Threat hunting and achieving security maturity
Threat hunting and achieving security maturityThreat hunting and achieving security maturity
Threat hunting and achieving security maturity
DNIF
 
MuninとZABBIXで効率的トラブルシューティング
MuninとZABBIXで効率的トラブルシューティングMuninとZABBIXで効率的トラブルシューティング
MuninとZABBIXで効率的トラブルシューティング
Masahito Zembutsu
 
クラウド利活用セミナー資料 中里
クラウド利活用セミナー資料 中里クラウド利活用セミナー資料 中里
クラウド利活用セミナー資料 中里
Masahiro Nakazato
 
Identity as a Service - Etude IDaaS
Identity as a Service - Etude IDaaSIdentity as a Service - Etude IDaaS
Identity as a Service - Etude IDaaS
Marc Rousselet
 
TUTORIAL MEMBUAT GOOGLE CLASSROOM UNTUK PEMBELAJARAN OLEH ASEP PERDIANSYAH.pptx
TUTORIAL MEMBUAT GOOGLE CLASSROOM UNTUK PEMBELAJARAN OLEH ASEP PERDIANSYAH.pptxTUTORIAL MEMBUAT GOOGLE CLASSROOM UNTUK PEMBELAJARAN OLEH ASEP PERDIANSYAH.pptx
TUTORIAL MEMBUAT GOOGLE CLASSROOM UNTUK PEMBELAJARAN OLEH ASEP PERDIANSYAH.pptx
AsepPerdiansyah
 
Amazon ECS AWS Fargate あるとき~ ないとき~ (トレノケ雲の会 mod2)
Amazon ECS AWS Fargate あるとき~ ないとき~ (トレノケ雲の会 mod2)Amazon ECS AWS Fargate あるとき~ ないとき~ (トレノケ雲の会 mod2)
Amazon ECS AWS Fargate あるとき~ ないとき~ (トレノケ雲の会 mod2)
Trainocate Japan, Ltd.
 
ELB & CloudWatch & AutoScaling - AWSマイスターシリーズ
ELB & CloudWatch & AutoScaling - AWSマイスターシリーズELB & CloudWatch & AutoScaling - AWSマイスターシリーズ
ELB & CloudWatch & AutoScaling - AWSマイスターシリーズAmazon Web Services Japan
 
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and ResearchUsing MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
MITRE - ATT&CKcon
 
AWS X-Rayによるアプリケーションの分析とデバッグ
AWS X-Rayによるアプリケーションの分析とデバッグAWS X-Rayによるアプリケーションの分析とデバッグ
AWS X-Rayによるアプリケーションの分析とデバッグ
Amazon Web Services Japan
 
CloudWatch Logsについて
CloudWatch LogsについてCloudWatch Logsについて
CloudWatch Logsについて
Sugawara Genki
 
Backup+e+archiving+na+nuvem+aws+ +ricardo+geh
Backup+e+archiving+na+nuvem+aws+ +ricardo+gehBackup+e+archiving+na+nuvem+aws+ +ricardo+geh
Backup+e+archiving+na+nuvem+aws+ +ricardo+geh
Amazon Web Services LATAM
 
Wazuh Security Platform
Wazuh Security PlatformWazuh Security Platform
Wazuh Security Platform
Pituphong Yavirach
 
AWS セキュリティとコンプライアンス
AWS セキュリティとコンプライアンスAWS セキュリティとコンプライアンス
AWS セキュリティとコンプライアンス
Amazon Web Services Japan
 
Skybox security
Skybox security Skybox security
Skybox security
Alejandro Cadarso
 
IoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceIoT security presented in Ada's List Conference
IoT security presented in Ada's List Conference
Cigdem Sengul
 
製造装置データ収集の選択肢 (AWS IoT Deep Dive #5)
製造装置データ収集の選択肢 (AWS IoT Deep Dive #5)製造装置データ収集の選択肢 (AWS IoT Deep Dive #5)
製造装置データ収集の選択肢 (AWS IoT Deep Dive #5)
Amazon Web Services Japan
 
AWS SAMで始めるサーバーレスアプリケーション開発
AWS SAMで始めるサーバーレスアプリケーション開発AWS SAMで始めるサーバーレスアプリケーション開発
AWS SAMで始めるサーバーレスアプリケーション開発
真吾 吉田
 
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)
WinWire Technologies Inc
 
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...
Amazon Web Services
 
不確実性に対応する開発手法 - スクラムの基礎
不確実性に対応する開発手法 - スクラムの基礎不確実性に対応する開発手法 - スクラムの基礎
不確実性に対応する開発手法 - スクラムの基礎
西岡 賢一郎
 
AWS IoT SiteWise のご紹介 (AWS IoT Deep Dive #5)
AWS IoT SiteWise のご紹介 (AWS IoT Deep Dive #5)AWS IoT SiteWise のご紹介 (AWS IoT Deep Dive #5)
AWS IoT SiteWise のご紹介 (AWS IoT Deep Dive #5)
Amazon Web Services Japan
 
AWS BlackBelt AWS上でのDDoS対策
AWS BlackBelt AWS上でのDDoS対策AWS BlackBelt AWS上でのDDoS対策
AWS BlackBelt AWS上でのDDoS対策
Amazon Web Services Japan
 
大学等におけるAzure AD B2Cを使用したSNS認証の活用
大学等におけるAzure AD B2Cを使用したSNS認証の活用大学等におけるAzure AD B2Cを使用したSNS認証の活用
大学等におけるAzure AD B2Cを使用したSNS認証の活用
Naohiro Fujie
 
浸透するサーバーレス 実際に見るユースケースと実装パターン
浸透するサーバーレス 実際に見るユースケースと実装パターン浸透するサーバーレス 実際に見るユースケースと実装パターン
浸透するサーバーレス 実際に見るユースケースと実装パターン
Amazon Web Services Japan
 
Amazon VPC VPN接続設定 参考資料
Amazon VPC VPN接続設定 参考資料Amazon VPC VPN接続設定 参考資料
Amazon VPC VPN接続設定 参考資料
Amazon Web Services Japan
 
仮想DOMを理解する
仮想DOMを理解する仮想DOMを理解する
仮想DOMを理解する
K K
 
Waluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaWaluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social Media
Jim Geovedi
 
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
Jim Geovedi
 

More Related Content

What's hot

ELB & CloudWatch & AutoScaling - AWSマイスターシリーズ
ELB & CloudWatch & AutoScaling - AWSマイスターシリーズELB & CloudWatch & AutoScaling - AWSマイスターシリーズ
ELB & CloudWatch & AutoScaling - AWSマイスターシリーズAmazon Web Services Japan
 
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and ResearchUsing MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
MITRE - ATT&CKcon
 
AWS X-Rayによるアプリケーションの分析とデバッグ
AWS X-Rayによるアプリケーションの分析とデバッグAWS X-Rayによるアプリケーションの分析とデバッグ
AWS X-Rayによるアプリケーションの分析とデバッグ
Amazon Web Services Japan
 
CloudWatch Logsについて
CloudWatch LogsについてCloudWatch Logsについて
CloudWatch Logsについて
Sugawara Genki
 
Backup+e+archiving+na+nuvem+aws+ +ricardo+geh
Backup+e+archiving+na+nuvem+aws+ +ricardo+gehBackup+e+archiving+na+nuvem+aws+ +ricardo+geh
Backup+e+archiving+na+nuvem+aws+ +ricardo+geh
Amazon Web Services LATAM
 
Wazuh Security Platform
Wazuh Security PlatformWazuh Security Platform
Wazuh Security Platform
Pituphong Yavirach
 
AWS セキュリティとコンプライアンス
AWS セキュリティとコンプライアンスAWS セキュリティとコンプライアンス
AWS セキュリティとコンプライアンス
Amazon Web Services Japan
 
Skybox security
Skybox security Skybox security
Skybox security
Alejandro Cadarso
 
IoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceIoT security presented in Ada's List Conference
IoT security presented in Ada's List Conference
Cigdem Sengul
 
製造装置データ収集の選択肢 (AWS IoT Deep Dive #5)
製造装置データ収集の選択肢 (AWS IoT Deep Dive #5)製造装置データ収集の選択肢 (AWS IoT Deep Dive #5)
製造装置データ収集の選択肢 (AWS IoT Deep Dive #5)
Amazon Web Services Japan
 
AWS SAMで始めるサーバーレスアプリケーション開発
AWS SAMで始めるサーバーレスアプリケーション開発AWS SAMで始めるサーバーレスアプリケーション開発
AWS SAMで始めるサーバーレスアプリケーション開発
真吾 吉田
 
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)
WinWire Technologies Inc
 
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...
Amazon Web Services
 
不確実性に対応する開発手法 - スクラムの基礎
不確実性に対応する開発手法 - スクラムの基礎不確実性に対応する開発手法 - スクラムの基礎
不確実性に対応する開発手法 - スクラムの基礎
西岡 賢一郎
 
AWS IoT SiteWise のご紹介 (AWS IoT Deep Dive #5)
AWS IoT SiteWise のご紹介 (AWS IoT Deep Dive #5)AWS IoT SiteWise のご紹介 (AWS IoT Deep Dive #5)
AWS IoT SiteWise のご紹介 (AWS IoT Deep Dive #5)
Amazon Web Services Japan
 
AWS BlackBelt AWS上でのDDoS対策
AWS BlackBelt AWS上でのDDoS対策AWS BlackBelt AWS上でのDDoS対策
AWS BlackBelt AWS上でのDDoS対策
Amazon Web Services Japan
 
大学等におけるAzure AD B2Cを使用したSNS認証の活用
大学等におけるAzure AD B2Cを使用したSNS認証の活用大学等におけるAzure AD B2Cを使用したSNS認証の活用
大学等におけるAzure AD B2Cを使用したSNS認証の活用
Naohiro Fujie
 
浸透するサーバーレス 実際に見るユースケースと実装パターン
浸透するサーバーレス 実際に見るユースケースと実装パターン浸透するサーバーレス 実際に見るユースケースと実装パターン
浸透するサーバーレス 実際に見るユースケースと実装パターン
Amazon Web Services Japan
 
Amazon VPC VPN接続設定 参考資料
Amazon VPC VPN接続設定 参考資料Amazon VPC VPN接続設定 参考資料
Amazon VPC VPN接続設定 参考資料
Amazon Web Services Japan
 
仮想DOMを理解する
仮想DOMを理解する仮想DOMを理解する
仮想DOMを理解する
K K
 

What's hot (20)

ELB & CloudWatch & AutoScaling - AWSマイスターシリーズ
ELB & CloudWatch & AutoScaling - AWSマイスターシリーズELB & CloudWatch & AutoScaling - AWSマイスターシリーズ
ELB & CloudWatch & AutoScaling - AWSマイスターシリーズ
 
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and ResearchUsing MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
 
AWS X-Rayによるアプリケーションの分析とデバッグ
AWS X-Rayによるアプリケーションの分析とデバッグAWS X-Rayによるアプリケーションの分析とデバッグ
AWS X-Rayによるアプリケーションの分析とデバッグ
 
CloudWatch Logsについて
CloudWatch LogsについてCloudWatch Logsについて
CloudWatch Logsについて
 
Backup+e+archiving+na+nuvem+aws+ +ricardo+geh
Backup+e+archiving+na+nuvem+aws+ +ricardo+gehBackup+e+archiving+na+nuvem+aws+ +ricardo+geh
Backup+e+archiving+na+nuvem+aws+ +ricardo+geh
 
Wazuh Security Platform
Wazuh Security PlatformWazuh Security Platform
Wazuh Security Platform
 
AWS セキュリティとコンプライアンス
AWS セキュリティとコンプライアンスAWS セキュリティとコンプライアンス
AWS セキュリティとコンプライアンス
 
Skybox security
Skybox security Skybox security
Skybox security
 
IoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceIoT security presented in Ada's List Conference
IoT security presented in Ada's List Conference
 
製造装置データ収集の選択肢 (AWS IoT Deep Dive #5)
製造装置データ収集の選択肢 (AWS IoT Deep Dive #5)製造装置データ収集の選択肢 (AWS IoT Deep Dive #5)
製造装置データ収集の選択肢 (AWS IoT Deep Dive #5)
 
AWS SAMで始めるサーバーレスアプリケーション開発
AWS SAMで始めるサーバーレスアプリケーション開発AWS SAMで始めるサーバーレスアプリケーション開発
AWS SAMで始めるサーバーレスアプリケーション開発
 
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)
 
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...
 
不確実性に対応する開発手法 - スクラムの基礎
不確実性に対応する開発手法 - スクラムの基礎不確実性に対応する開発手法 - スクラムの基礎
不確実性に対応する開発手法 - スクラムの基礎
 
AWS IoT SiteWise のご紹介 (AWS IoT Deep Dive #5)
AWS IoT SiteWise のご紹介 (AWS IoT Deep Dive #5)AWS IoT SiteWise のご紹介 (AWS IoT Deep Dive #5)
AWS IoT SiteWise のご紹介 (AWS IoT Deep Dive #5)
 
AWS BlackBelt AWS上でのDDoS対策
AWS BlackBelt AWS上でのDDoS対策AWS BlackBelt AWS上でのDDoS対策
AWS BlackBelt AWS上でのDDoS対策
 
大学等におけるAzure AD B2Cを使用したSNS認証の活用
大学等におけるAzure AD B2Cを使用したSNS認証の活用大学等におけるAzure AD B2Cを使用したSNS認証の活用
大学等におけるAzure AD B2Cを使用したSNS認証の活用
 
浸透するサーバーレス 実際に見るユースケースと実装パターン
浸透するサーバーレス 実際に見るユースケースと実装パターン浸透するサーバーレス 実際に見るユースケースと実装パターン
浸透するサーバーレス 実際に見るユースケースと実装パターン
 
Amazon VPC VPN接続設定 参考資料
Amazon VPC VPN接続設定 参考資料Amazon VPC VPN接続設定 参考資料
Amazon VPC VPN接続設定 参考資料
 
仮想DOMを理解する
仮想DOMを理解する仮想DOMを理解する
仮想DOMを理解する
 

More from Jim Geovedi

Waluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaWaluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social Media
Jim Geovedi
 
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
Jim Geovedi
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)
Jim Geovedi
 
Internet Worms
Internet WormsInternet Worms
Internet Worms
Jim Geovedi
 
HITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksHITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
Jim Geovedi
 
Cheating the 10,000 hour rule
Cheating the 10,000 hour ruleCheating the 10,000 hour rule
Cheating the 10,000 hour ruleJim Geovedi
 
Professional Hackers
Professional HackersProfessional Hackers
Professional Hackers
Jim Geovedi
 
AI & NLP pada @begobet
AI & NLP pada @begobetAI & NLP pada @begobet
AI & NLP pada @begobet
Jim Geovedi
 
IDS & Log Management
IDS & Log ManagementIDS & Log Management
IDS & Log Management
Jim Geovedi
 
Satellite Telephony Security
Satellite Telephony SecuritySatellite Telephony Security
Satellite Telephony Security
Jim Geovedi
 
Hacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsHacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsJim Geovedi
 
Warezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingWarezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingJim Geovedi
 
Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Jim Geovedi
 
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Jim Geovedi
 
Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?
Jim Geovedi
 
The 21st Century Bank Job
The 21st Century Bank JobThe 21st Century Bank Job
The 21st Century Bank Job
Jim Geovedi
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
Jim Geovedi
 
Hacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverHacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverJim Geovedi
 
Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipHacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipJim Geovedi
 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008Jim Geovedi
 

More from Jim Geovedi (20)

Waluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaWaluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social Media
 
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)
 
Internet Worms
Internet WormsInternet Worms
Internet Worms
 
HITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksHITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
 
Cheating the 10,000 hour rule
Cheating the 10,000 hour ruleCheating the 10,000 hour rule
Cheating the 10,000 hour rule
 
Professional Hackers
Professional HackersProfessional Hackers
Professional Hackers
 
AI & NLP pada @begobet
AI & NLP pada @begobetAI & NLP pada @begobet
AI & NLP pada @begobet
 
IDS & Log Management
IDS & Log ManagementIDS & Log Management
IDS & Log Management
 
Satellite Telephony Security
Satellite Telephony SecuritySatellite Telephony Security
Satellite Telephony Security
 
Hacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsHacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry Birds
 
Warezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingWarezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite Hacking
 
Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!
 
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
 
Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?
 
The 21st Century Bank Job
The 21st Century Bank JobThe 21st Century Bank Job
The 21st Century Bank Job
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
 
Hacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverHacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to Discover
 
Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipHacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008
 

Recently uploaded

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
Peter Spielvogel
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 

Recently uploaded (20)

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 

Hacking a Bird in the Sky: Hijacking VSAT Connection

  • 1. Hacking a Bird in the Sky Hijacking Very Small Aperture Terminal (VSAT) Connections Jim Geovedi and Raditya Iryandi BELLUA ASIA PACIFIC
  • 2. Hacking a Bird in The Sky Disclaimer This presentation is intended to demonstrate the inherent security, design and configuration flaws in publicly accessible satellite communication networks and promote the use of safer satellite communication systems. Viewers and readers are responsible for their own actions and strongly encourage to behave themselves. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 2
  • 3. Hacking a Bird in The Sky Satellite • A satellite is any object that orbits another object (which known as its primary). Artificial Satellites • It was the English sci-fi writer Arthur C. Clarke who conceived the possibility of artificial communication satellites in 1945. Clarke examined the logistics of satellite launch, possible orbits and other aspects. • The first artificial satellite was Sputnik 1 launched by Soviet Union on 4 October 1957 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 3
  • 4. Hacking a Bird in The Sky Types of Artificial Satellites • Astronomical satellites • Solar power satellites • Reconnaissance satellites • Space stations • Navigation satellites • Weather satellites • Killer satellites/anti-satellite weapons • Miniaturised satellites • Biosatellites Warning: You are allowed to steal any contents of this material with or without notifying the authors. 4
  • 5. Hacking a Bird in The Sky How is a Satellite Launched into an Orbit? Warning: You are allowed to steal any contents of this material with or without notifying the authors. 5
  • 6. Hacking a Bird in The Sky Satellite Internet Services • Used in locations where terrestrial Internet access is not available and in locations which move frequently, e.g. vessels at sea and war zone. • Can be used where the most basic utilities are lacking, require a generator or battery power supply that can produce enough electricity. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 6
  • 7. Hacking a Bird in The Sky Three Types of Satellite Internet Services • One-way multicast: used for IP multicast-based data, audio and video distribution. Most Internet protocols will not work correctly over one-way access, since they require a return channel. • One-way with terrestrial return: used with traditional dial-up access to the Internet, with outbound data travelling through a telephone modem, but downloads are sent via satellite at a speed near that of broadband Internet access. • Two-way satellite access: allows upload and download data communications. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 7
  • 8. Hacking a Bird in The Sky Very Small Aperture Terminal (VSAT) • Two-way satellite ground station with a dish antenna that is smaller than 3 metres. • Nearly all VSAT systems are now based on IP, with a very broad spectrum of applications. • Most commonly used interactive and transactional application (online communication between head office and branches, flight ticket and hotel reservation, ATM (Automated Teller Machine) and small data traffic) and terminal application with centralised database (data entry, inventory control and payment point) Warning: You are allowed to steal any contents of this material with or without notifying the authors. 8
  • 9. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 9
  • 10. Hacking a Bird in The Sky Internal Computer (TT&C) Body Power source Attitude control Grapple Fixture Communications Satellite Anatomy Warning: You are allowed to steal any contents of this material with or without notifying the authors. 10
  • 11. Hacking a Bird in The Sky The Control Centre Warning: You are allowed to steal any contents of this material with or without notifying the authors. 11
  • 12. Hacking a Bird in The Sky Tracking, Telemetry and Command Station Warning: You are allowed to steal any contents of this material with or without notifying the authors. 12
  • 13. Hacking a Bird in The Sky Topologies of VSAT • A star topology, using a central uplink site, such as a network operations centre (NOC), to transport data back and forth to each VSAT terminal via satellite, • A mesh topology, where each VSAT terminal relays data via satellite to another terminal by acting as a hub, minimising the need for a centralised uplink site, • and a combination of both star and mesh topologies. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 13
  • 14. Hacking a Bird in The Sky Satellite Footprint • The footprint of a satellite is the ground area that its transponders cover, and determines the satellite dish diameter required to receive each transponder's signal. • There is usually a different map for each transponder (or group of transponders) as each may be aimed to cover different areas of the ground. • Footprint maps usually show either the estimated minimal satellite dish diameter required, or the signal strength in each area measured in dBW. Warning: You are allowed to steal any contents of this material with or without notifying the authors. 14
  • 15. Hacking a Bird in The Sky 100º E - 145.9º E (SE Asia, Australia, China, Japan, Korea) Satellite Name Position HD TV TV Digital TV Analog Radio Digital Radio Analog Data ASIASAT 2 100.5º East 0 97 0 51 0 4 EXPRESS A2 103.0º East 0 13 0 12 0 2 ASIASAT 3S 105.5º East 0 258 0 56 0 22 CAKRAWARTA 1 107.7º East 0 70 0 19 0 5 TELKOM 1 108.0º East 0 57 0 0 0 4 AAP 1 108.2º East 0 57 0 0 0 17 BSAT 1A, 2A 110.0º East 10 3 4 14 0 0 JCSAT 110 110.0º East 0 63 0 20 0 0 SINOSAT 1 110.5º East 0 59 0 36 0 4 PALAPA C2 113.0º East 0 31 2 4 0 8 KOREASAT 2 113.0º East 0 48 0 0 0 3 KOREASAT 3 116.0º East 0 125 0 1 0 12 TELKOM 2 118.0º East 0 1 0 0 0 0 THAICOM 1A 120.0º East 0 6 0 1 0 0 ASIASAT 4 122.0º East 0 79 0 1 0 17 JCSAT 4A 124.0º East 0 93 0 0 0 7 JCSAT 3 128.0º East 0 142 0 103 0 21 JCSAT 5A 132.0º East 0 2 0 0 0 0 APSTAR 6 134.0º East 0 46 2 55 0 3 APSTAR V / TELSTAR 18 138.0º East 0 151 0 0 0 2 EXPRESS AM3 140.0º East 0 14 0 8 0 1 SUPERBIRD C 144.0º East 0 57 0 4 0 0 source: http://www.satcodx4.com/eng/ accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 15
  • 16. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 16
  • 17. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 17
  • 18. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 18
  • 19. Hacking a Bird in The Sky MEASAT-1 @ 91.5º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 19
  • 20. Hacking a Bird in The Sky PALAPA C2 @ 113.0º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 20
  • 21. Hacking a Bird in The Sky TELKOM 1 @ 108.0º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 21
  • 22. Hacking a Bird in The Sky TELKOM 2 @ 118.0º East Warning: You are allowed to steal any contents of this material with or without notifying the authors. 22
  • 23. Hacking a Bird in The Sky Attacks against Satellite Systems It’s politically sensitive, but it’s going to happen. Some people don’t want to hear this, and it sure isn’t in vogue … but—absolutely—we’re going to fight in space. We’re going to fight from space and we’re going to fight into space… General Joseph W. Ashy Former Commander in Chief U.S. Space Command source: http://www.au.af.mil/au/awc/awcgate/saas/spacy_wl.pdf accessed on 21 September 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 23
  • 24. Hacking a Bird in The Sky Hypothetical Attacks against Satellite Systems Warning: You are allowed to steal any contents of this material with or without notifying the authors. 24
  • 25. Hacking a Bird in The Sky Denial of Service Attacks • Jam uplink and downlink • White noise at frequency. • Requires directed antenna. • Requires very low power. • Difficult to detect, especially if occurring at irregular intervals. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 25
  • 26. Hacking a Bird in The Sky Denial of Service Attacks • Overpower uplink • Can be done with transportable satellite ground terminals • In tri-band (C-band, X-band, and Ku-band). • Power limited. • Uplink equipment now contains ID coding. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 26
  • 27. Hacking a Bird in The Sky Orbital Positioning Attacks • Ranging transponder spoofing • Multiple ground stations triangulate satellite position using a series of tones sent to a transponder. • Ground stations observe phase differentials. • Ground or airborne spoofer could transmit false response, resulting in incorrect orbit determination. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 27
  • 28. Hacking a Bird in The Sky Orbital Positioning Attacks • Direct commanding • Preparation and delivery of telecommand queue. • Command replay • Record outbound telecommand queue from TT&C facility. Replay later to initiate duplicate action. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 28
  • 29. Hacking a Bird in The Sky Orbital Positioning Attacks • Insertion after confirmation but prior to execution • SCC formulates telecommand queue and sends to TT&C. • TT&C uplinks and receives readback, which it returns to SCC. • If readback is correct, SCC waits for proper time to execute. • Channel is vulnerable to update during this period — new telecommand queue may be uploaded prior to authenticated execute. source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006 Warning: You are allowed to steal any contents of this material with or without notifying the authors. 29
  • 30. Hacking a Bird in The Sky Practical Attacks against Satellite Systems Warning: You are allowed to steal any contents of this material with or without notifying the authors. 30
  • 31. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 31
  • 32. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 32
  • 33. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 33
  • 34. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 34
  • 35. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 35
  • 36. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 36
  • 37. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 37
  • 38. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 38
  • 39. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 39
  • 40. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 40
  • 41. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 41
  • 42. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 42
  • 43. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 43
  • 44. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 44
  • 45. Hacking a Bird in The Sky Warning: You are allowed to steal any contents of this material with or without notifying the authors. 45
  • 46. Hacking a Bird in The Sky Discussion • Other attacks against satellite? • Law issues? Warning: You are allowed to steal any contents of this material with or without notifying the authors. 46