Designing IoT Networks & Ecosystems to thwart low power communication protocol attacks
Sumanth Naropanth & Nitin Lakshmanan
Deep Armor
Agenda
• Technical overview of an IoT/wearable ecosystem
• Building blocks
• Communication Protocols
• Hands-on Exercises
• IEEE 802.15.4/ZigBee
• Bluetooth and BLE
• AWS IoT Core
• Security Development Lifecycle (SDL) overview
Instructors
• Nitin Lakshmanan
• Security Analyst — Deep Armor
• Aujas Networks, Aricent/Intel
• Sumanth Naropanth
• Founder and CEO — Deep Armor
• Intel, Palm/HP, Sun Microsystems
• Security consulting, vulnerability testing, SDL and training services for emerging technologies
• www.deeparmor.com | @deep_armor
IoT Ecosystem
(Diagram: Nodes, a Gateway and the Cloud (AWS/GCP/Azure/Private), linked by Zigbee/Z-Wave/RF, WiFi/BT/BLE/NFC/ANT+, HTTP/S, NB-IoT and Cat M1.)
Attacks on IoT products: Weak Links
(Diagram: the IoT Ecosystem picture from the previous slide, annotated with the weak links of each component.)
Gateway:
- HW access
- Secure Boot/FOTA
- Crypto/Key Management
- DARE
- Node Spoofing
- Node security requirements (see below) + if (Rich OS), OS security
Cloud (AWS/GCP/Azure/Private):
- User Management
- Secure Configuration
- API security
- Portal/UI security
- Crypto/Key management
- Container Security
- Network security
Communication channels (Zigbee/Z-Wave/RF, WiFi/BT/BLE/NFC/ANT+, HTTP/S, NB-IoT, Cat M1):
- Weaknesses in Wireless Standards
- Side channel and timing attacks
- Secure Provisioning
- Secure Data Transmission
- User/App Identification
- Implementation weaknesses (Crypto)
- Crypto/Key Management
Nodes:
- Secure Identification
- Secure Debug
- Secure Provisioning
- Protocol attacks
- Sensor value tampering
Communication Channels
(Diagram: Back End Services, two Gateways, six Nodes and four Sensors; links labelled HTTP/HTTPS, BT/BLE/WiFi/NFC/WiFi-Direct, BT/BLE/NFC, BLE/ANT+ and Zigbee/Z-wave.)
IoT Protocols
BLE, Bluetooth, Zigbee, DSMx, NFC, ANT+, Z-Wave, Wi-Fi, Cellular, MQTT, 6LoWPAN, RFID, SigFox, CoAP, Thread, LTE, 4G, DASH, nWave
Zigbee
• Low data rate wireless applications
• Smart energy, medical, home automation, IIoT
• Two bands of operation: 868/915MHz and 2450MHz
• Simpler & less expensive than Bluetooth
• 10-100m range
• Zigbee Alliance
Zigbee Security Model
• Open Trust model (Device Trust Boundary)
• Crypto protection
• Network Key
• Link Key (App Support Sublayer)
• Secure key storage assumptions
• Transmission of network key for new nodes
• Hard-coded Trust Center Link Keys
IEEE 802.15.4
• IEEE standard for low-rate wireless personal area networks (LR-WPANs)
• 6LoWPAN for IPv6 over WPANs
• Zigbee extends 802.15.4 (wrapper services)
(Diagram: OSI stack - Application, Presentation, Session, Transport, Network, Data Link [Logical Link Control, Media Access Control], Physical.)
Exercise 1a: Generating & Analyzing IEEE 802.15.4 WSN packets (MAC Layer)
Packet Structure
(Diagram: header fields DST, SRC, PAN ID and SEQ NUM, followed by the Payload: [DA/DD] [DATA].)
Attacking WSN - Setup
• IoT product simulator
• Zigbee-like 802.15.4 based communication protocol
• Packet sniffing, capture and injection
• Goals:
• Basic packet header formats
• Security models for protecting comms
• Hardware and software tools for packet sniffing & injection
Setup
(Diagram: Victim (Sender & Receiver) and Attacker; the attacker performs Packet Sniffing/Injection on the victim's link.)
Outline
(Diagram: the victim exchanges DA Packets and DD Packets; the attacker sniffs them, manipulates the payload and injects.)
Demo 1
Exercise 1b
Packet Manipulation using Scapy
Hardening the WSN
Outline
(Diagram: the DA and DD packet payloads now carry an HMAC; the attacker still sniffs, manipulates the payload and injects.)
Demo 2a
Is that enough? Can we attack something else?
Packet Structure
(Diagram: header fields DST, SRC, PAN ID and SEQ NUM, followed by the Payload: [DA/DD] [DATA].)
Outline
(Diagram: HMAC over the DA and DD packet payloads; the attacker sniffs, manipulates the SEQ NUM header and injects.)
Demo 2b
Exercise 2: Manipulating the SEQ NUM header
Hardening the WSN
Outline
(Diagram: HMAC over the DA and DD packet payload + headers; the attacker sniffs, manipulates SEQ NUM/payload and injects.)
Demo 3
Hardening Wireless Sensor Networks
• Integrity of the packet is maintained
• HMAC implemented for integrity protection
• With Cryptographic hash function like SHA256
• Key provisioning can be done in many ways - DH, for example
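The Demo 2 versus Demo 3 distinction in working code, as an added example that is not part of the workshop material: a constructed 802.15.4-style frame is tagged with HMAC-SHA256 first over the payload alone and then over headers + payload, and a receiver additionally tracks SEQ NUM per source so that an authentic frame cannot be injected a second time. The frame layout, key and sample payloads are constructed for this example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Frame models the simulator's 802.15.4-style data frame from the slides: DST, SRC,
// PAN ID and SEQ NUM headers plus a payload tagged DA or DD (constructed layout).
type Frame struct {
	Dst     uint16
	Src     uint16
	PANID   uint16
	SeqNum  uint8
	Payload []byte
}

// header serialises the header fields in a fixed order so that sender and
// receiver MAC exactly the same bytes.
func (f Frame) header() []byte {
	buf := make([]byte, 7)
	binary.LittleEndian.PutUint16(buf[0:2], f.Dst)
	binary.LittleEndian.PutUint16(buf[2:4], f.Src)
	binary.LittleEndian.PutUint16(buf[4:6], f.PANID)
	buf[6] = f.SeqNum
	return buf
}

// TagPayloadOnly is the Demo 2 scheme: HMAC-SHA256 over the payload alone,
// leaving every header, SEQ NUM included, unauthenticated.
func TagPayloadOnly(key []byte, f Frame) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(f.Payload)
	return m.Sum(nil)
}

// TagFull is the Demo 3 scheme: HMAC-SHA256 over headers and payload.
func TagFull(key []byte, f Frame) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(f.header())
	m.Write(f.Payload)
	return m.Sum(nil)
}

// Both verifiers compare tags in constant time via hmac.Equal.
func VerifyPayloadOnly(key []byte, f Frame, tag []byte) bool {
	return hmac.Equal(tag, TagPayloadOnly(key, f))
}
func VerifyFull(key []byte, f Frame, tag []byte) bool {
	return hmac.Equal(tag, TagFull(key, f))
}

// Receiver accepts a frame only when the full-frame tag verifies and SEQ NUM
// moves forward for that source, so a captured authentic frame cannot simply
// be injected again.
type Receiver struct {
	key     []byte
	lastSeq map[uint16]uint8
}

func NewReceiver(key []byte) *Receiver {
	return &Receiver{key: key, lastSeq: map[uint16]uint8{}}
}

func (r *Receiver) Accept(f Frame, tag []byte) bool {
	if !VerifyFull(r.key, f, tag) {
		return false
	}
	if last, seen := r.lastSeq[f.Src]; seen {
		// 8-bit counter: a step of 1..127 counts as "ahead" so the wrap from
		// 255 to 0 still works; 0 is a replay and more than 127 is stale.
		if delta := f.SeqNum - last; delta == 0 || delta > 127 {
			return false
		}
	}
	r.lastSeq[f.Src] = f.SeqNum
	return true
}

// SeqTamperCheck tags one frame both ways, changes SEQ NUM as in Exercise 2
// and reports whether each verifier still accepts the modified frame.
func SeqTamperCheck(key []byte) (payloadOnlyAccepts, fullAccepts bool) {
	orig := Frame{Dst: 0x0001, Src: 0x0002, PANID: 0xBEEF, SeqNum: 7,
		Payload: []byte("DA:temp=23.5")} // constructed sample frame
	t1, t2 := TagPayloadOnly(key, orig), TagFull(key, orig)
	mod := orig
	mod.SeqNum = 200
	return VerifyPayloadOnly(key, mod, t1), VerifyFull(key, mod, t2)
}

func main() {
	key := []byte("constructed-demo-key-not-for-production")
	po, full := SeqTamperCheck(key)
	fmt.Printf("tampered SEQ NUM accepted: payload-only HMAC=%v, full-frame HMAC=%v\n", po, full)
}
```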
Bluetooth and Bluetooth Low Energy (BLE)
Overview: Bluetooth Stack
GAP: Defines how devices discover, connect and create bonding between them
SMP: Protocol for pairing, key distribution and authenticating the other device. Shared secrets can be managed and hence speed up the reconnection process
L2CAP: Multiplexing layer for BLE
GATT: Describes characteristics, services and types of attributes/their usage
ATT: Simple Client/Server stateless protocol with rules for accessing data on a peer device
Intro to BLE
• Wireless protocol for short range data exchange (~10 to 100 m)
• Lightweight subset of classic Bluetooth with low power consumption
• Operates in radio frequencies between 2.4 and 2.485 GHz
• Managed by the Bluetooth Special Interest Group (SIG)
• Use cases include wearable devices, smart pay systems, smart security systems etc.
BLE Security
(Diagram: Pairing request -> Pairing response -> Establish STK based encryption -> Long term key (LTK) agreement -> Encrypted Channel.)
Pairing Algorithms
Secure Simple Pairing
• Just Works: very limited/no user interface
• Numeric Comparison: devices with display plus yes/no button
• Passkey Entry: 6 digit pin as the pass key
• Out Of Band: Use of an out-of-band channel against MITM attacks
Security weaknesses in BT/BLE
• Security of the communication link depends on the pairing algorithm
• Eavesdropping on the pairing mechanism compromises encryption keys
• ‘Just works’ mode is prone to MITM attacks
• Apps (on the same phone as the companion app) snooping on encrypted BLE traffic – Let’s explore this!
BT/BLE Security - Tools
• Ubertooth
• Bluefruit LE sniffer
• NRFsniffer (Nordic BLE sniffer)
• Ellisys sniffer
BLE packet eavesdropping with Ubertooth
Overview
• Market products for fitness tracking
• Use Bluetooth Low Energy
• Packet sniffing, capture and cracking LE encryption
• Goals:
• BLE traffic eavesdropping
• Tools to crack the basic security offered by BLE spec
Setup
Problems & Packet Injection
• Multiple advertising channels (37, 38, 39)
• Uncertainty —> 3 Ubertooths are better than 1
• Custom FW for packet injection
Exercise 1: BLE Packet Analysis using Wireshark
Understanding BLE pcaps
• Protocol Data Unit
• PDU length determines —> advertising packet or not
• pdu_type == 5 [connection request by bluetooth device]
Exercise 2: Crackle - breaking LE encryption
Stealing the LTK
(Diagram: the pairing flow from the BLE Security slide - Pairing request -> Pairing response -> Establish STK based encryption -> Long term key (LTK) agreement -> Encrypted Channel.)
Hardening BLE
Options
• Basic security - Switch on LE encryption
• Crackle can break it!
• Holistic Security — Application level encryption on top of network-level encryption
• LE Privacy Mode
Hacking [Wearable - Mobile] Channels
BT/BLE problems with Android and iOS
(Diagram: the wearable-to-mobile channels, with an ATTACKER positioned on them.)
Device Commands:
• Put device into recovery mode
• Do a FW update
• Change Device (BLE) name
Notifications:
• Social apps
• Calls and texts
Information:
• User activity data
• User profile updates
• Application action (calls, music control)
• Call/text/social updates (sometimes)
Outline
(Diagram: Activity Data, Notifications, etc. flow from the wearable to the phone and Commands, FOTA, etc. flow back; the attacker reads the Step Count & Calories.)
Demo X
Root Cause
All applications on Android and iOS can subscribe to the BT service and get the data on the same BT channels or BLE characteristics as the legitimate app.
• Android
• android.permission.BLUETOOTH
• android.permission.BLUETOOTH_ADMIN
• iOS
• Core Bluetooth (CB) Framework
• Centrals (client/phone) and Peripherals (server/wearable) classes
Hardening
Outline
(Diagram: Activity Data, Notifications, etc. and Commands, FOTA, etc. still cross the LTK-encrypted BLE link, but the Step Count, Distance & Calories record is now itself Encrypted before it is sent, so the attacker no longer sees the Decrypted (Step Count, Distance & Calories).)
What happened there?
(Diagram, bottom-up: the BLE Link Layer carries LTK-Encrypted (Step Count, Distance & Calories); link-layer decryption yields Encrypted (Step Count, Distance & Calories); Wrapper Service A, which holds the application-level Encryption key, recovers the Decrypted (Step Count, Distance & Calories), while Wrapper Service B only obtains Decrypted((Encrypted(Step Count, Distance & Calories))), i.e. data that is still encrypted.)
Challenges
• Multiple mobile devices per device
• Key provisioning and OOBE exposure
• Solution
• Use the Cloud
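The application-level encryption that the Hardening BLE options and the Wrapper Service diagram describe, as an added example that is not the workshop's code: AES-GCM seals the Step Count, Distance & Calories record before it goes onto the LTK-encrypted link, bound to the characteristic UUID, so a second app subscribed to the same characteristic receives only ciphertext. The record layout, UUID and keys are constructed; out-of-band key provisioning (the slides point at the cloud) is assumed and not shown.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// ActivityRecord is the value the wearable notifies on its activity
// characteristic (Step Count, Distance & Calories); 10-byte layout constructed here.
type ActivityRecord struct {
	Steps    uint32
	DistM    uint32
	Calories uint16
}

func (a ActivityRecord) Marshal() []byte {
	b := make([]byte, 10)
	binary.LittleEndian.PutUint32(b[0:4], a.Steps)
	binary.LittleEndian.PutUint32(b[4:8], a.DistM)
	binary.LittleEndian.PutUint16(b[8:10], a.Calories)
	return b
}

func UnmarshalActivity(b []byte) (ActivityRecord, error) {
	if len(b) != 10 {
		return ActivityRecord{}, errors.New("activity record must be 10 bytes")
	}
	return ActivityRecord{
		Steps:    binary.LittleEndian.Uint32(b[0:4]),
		DistM:    binary.LittleEndian.Uint32(b[4:8]),
		Calories: binary.LittleEndian.Uint16(b[8:10]),
	}, nil
}

// AppLayerCipher is the "Wrapper Service" layer: AES-GCM (16/24/32-byte key)
// applied by firmware and companion app on top of the link layer's LTK encryption.
// Its key is provisioned out of band, never over the BLE channel it protects.
type AppLayerCipher struct {
	aead cipher.AEAD
}

func NewAppLayerCipher(key []byte) (*AppLayerCipher, error) {
	block, err := aes.NewCipher(key) // rejects any key that is not 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &AppLayerCipher{aead: aead}, nil
}

// Seal returns nonce || ciphertext || tag. The characteristic UUID is bound as
// associated data, so a blob captured from one characteristic is rejected on
// another. Random 96-bit nonces suit notification rates; past ~2^32 records per key use a counter.
func (c *AppLayerCipher) Seal(charUUID string, rec ActivityRecord) ([]byte, error) {
	nonce := make([]byte, c.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return c.aead.Seal(nonce, nonce, rec.Marshal(), []byte(charUUID)), nil
}

func (c *AppLayerCipher) Open(charUUID string, blob []byte) (ActivityRecord, error) {
	ns := c.aead.NonceSize()
	if len(blob) < ns+c.aead.Overhead() {
		return ActivityRecord{}, errors.New("blob too short")
	}
	pt, err := c.aead.Open(nil, blob[:ns], blob[ns:], []byte(charUUID))
	if err != nil {
		return ActivityRecord{}, err
	}
	return UnmarshalActivity(pt)
}

// CoResidentAppCheck replays the slide's scenario: the phone's BLE stack hands the
// LTK-decrypted characteristic value to every subscribed app. It reports whether the
// companion app (appKey) recovers the record and whether a second app (otherKey) can.
func CoResidentAppCheck(appKey, otherKey []byte, rec ActivityRecord) (legitOK, snoopOK bool) {
	const charUUID = "0000fff1-0000-1000-8000-00805f9b34fb" // constructed UUID
	legit, err1 := NewAppLayerCipher(appKey)
	snoop, err2 := NewAppLayerCipher(otherKey)
	if err1 != nil || err2 != nil {
		return false, false
	}
	blob, err := legit.Seal(charUUID, rec)
	if err != nil {
		return false, false
	}
	got, err := legit.Open(charUUID, blob)
	_, snoopErr := snoop.Open(charUUID, blob)
	return err == nil && got == rec, snoopErr == nil
}

func main() {
	ok, snoop := CoResidentAppCheck([]byte("0123456789abcdef0123456789abcdef"), // constructed keys
		[]byte("fedcba9876543210fedcba9876543210"), ActivityRecord{Steps: 8421, DistM: 6137, Calories: 312})
	fmt.Printf("companion app decrypts=%v, co-resident app decrypts=%v\n", ok, snoop)
}
```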
AWS IoT Core
What is it?
• Managed cloud service for connected devices
to interact with cloud applications
• Connect and manage devices
• Secure the communication
• Process and Act
• Monitor
Demo & Exercise
• Setup
(Diagram: IoT Device Simulator <-MQTT-> AWS IoT Core, with a Policy, a Thing and Certs attached.)
• Creating a Policy, a Thing and Certificates, and attaching the policy and thing to the certificate
• Run IoT device simulators from laptops
• Observe traffic in Wireshark
Topics of Interest
• Review of overly permissive policies
• Wildcard should be avoided [iot:*]
• iot:Publish/UpdateJobExecution/GetThingShadow
• Must specify ARN of resource [wildcard * should not be used]
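A lint for the policy review the slide calls for, as an added example (not AWS tooling or the workshop's code): it parses an AWS IoT Core policy document and flags Allow statements whose Action contains a wildcard or whose Resource is not a concrete, wildcard-free ARN, then runs over a permissive policy and its scoped replacement. Both policy documents, the region and the account ID 123456789012 are constructed placeholders.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Policy mirrors the IAM-style JSON document attached to an AWS IoT Core
// certificate. Action and Resource may each be a string or an array.
type Policy struct {
	Version   string      `json:"Version"`
	Statement []Statement `json:"Statement"`
}

type Statement struct {
	Effect   string     `json:"Effect"`
	Action   StringList `json:"Action"`
	Resource StringList `json:"Resource"`
}

// StringList accepts both "iot:Publish" and ["iot:Publish", "iot:Receive"].
type StringList []string

func (s *StringList) UnmarshalJSON(b []byte) error {
	var one string
	if err := json.Unmarshal(b, &one); err == nil {
		*s = StringList{one}
		return nil
	}
	var many []string
	if err := json.Unmarshal(b, &many); err != nil {
		return err
	}
	*s = StringList(many)
	return nil
}

// Finding is one overly permissive element of an Allow statement.
type Finding struct {
	Statement int
	Field     string
	Value     string
}

// LintPolicy applies the two review rules from the slide: no wildcard in an
// Action (such as "iot:*"), and every Resource must be a concrete ARN with no
// "*" in it. Deny statements are left alone; a broad Deny is not a risk.
func LintPolicy(doc []byte) ([]Finding, error) {
	var p Policy
	if err := json.Unmarshal(doc, &p); err != nil {
		return nil, err
	}
	var out []Finding
	for i, st := range p.Statement {
		if st.Effect != "Allow" {
			continue
		}
		for _, a := range st.Action {
			if strings.Contains(a, "*") {
				out = append(out, Finding{i, "Action", a})
			}
		}
		for _, r := range st.Resource {
			if strings.Contains(r, "*") || !strings.HasPrefix(r, "arn:") {
				out = append(out, Finding{i, "Resource", r})
			}
		}
	}
	return out, nil
}

// PermissivePolicy is the kind of document the slide warns about (constructed).
const PermissivePolicy = `{
  "Version": "2012-10-17",
  "Statement": [{"Effect": "Allow", "Action": "iot:*", "Resource": "*"}]
}`

// ScopedPolicy grants one simulator only what it needs: connecting under its
// own client ID and publishing to its own telemetry topic. The region and the
// account ID 123456789012 are placeholders.
const ScopedPolicy = `{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": "iot:Connect",
     "Resource": "arn:aws:iot:us-east-1:123456789012:client/sensor-sim-01"},
    {"Effect": "Allow", "Action": ["iot:Publish"],
     "Resource": "arn:aws:iot:us-east-1:123456789012:topic/sensors/sensor-sim-01/telemetry"}
  ]
}`

func main() {
	for _, doc := range []struct{ name, body string }{{"permissive", PermissivePolicy}, {"scoped", ScopedPolicy}} {
		findings, err := LintPolicy([]byte(doc.body))
		if err != nil {
			fmt.Println(doc.name, "parse error:", err)
			continue
		}
		fmt.Printf("%s: %d finding(s)\n", doc.name, len(findings))
		for _, f := range findings {
			fmt.Printf("  statement %d: %s %q\n", f.Statement, f.Field, f.Value)
		}
	}
}
```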
Topics of Interest
• AWS forces MQTT over TLS
• All traffic to and from AWS IoT must be encrypted over
Transport Layer Security (TLS).
• AWS Authentication
• X.509 certificates
• IAM users, groups, and roles
• Amazon Cognito identities
• Federated identities
Security Development Lifecycle
Need for SDL
• Next-gen SDL
• For IoT, wearable and cloud technologies.
• Especially when they all come together
• Ecosystem security
• Agile
• Security, Privacy and Legal woven into the development cycle
• Leveraging industry standards
Security Development Lifecycle Approach
(Diagram: activities per phase, applied across IoT, Mobile and Cloud.)
Program Conception: Security Architecture, Privacy Requirements
Design: Threat Modeling, Attack Trees & Data Access Reviews
Implementation: Focused Security Code Reviews & Privacy Planning
Pre-Launch: Fuzzing, Penetration Testing, Privacy Sign-off
Deployment: Fix verification, Incident Response Planning
Maintenance: Delta Security Assessment, Security for Continuous Integration/Delivery
Deliverables along the phases: Reviews; Reviews & Reports; Reports; Resolution & Sign-off; Reports
Unshackling from traditional SDL
Challenges: Securing a never-before gadget
• Lack of tactical SDL frameworks for rapid time-to-market products with
constantly evolving requirements
• Diverse, non-standard and evolving communication protocols
• Weaknesses in adoption of protocol specifications
• Long lives for IoT products
• Privacy
• Nascent research in IoT security
Challenges - Technical
• Collection of personal data and PII is higher
• Geo-location information
• Biometric data
• Sensor data
• Payment services
• Limited SW stack —> security may get compromised
• Often FW running on micro-controllers
• Field updates are difficult
• Asymmetric key crypto, TEEs, etc. are heavy
• Multi-tier, multi-tenant product architecture
• Cross-domain flows
• Multiple exposure points as a consequence
Privacy
• Why worry?
• Global Markets
• Country-specific guidelines
• Ecosystems and overlapping policies
Summary
• Plethora of protocols (and standards)
• Custom hardware & software for IoT comms penetration testing
• RZUSBStick works great. Also, APImote
• Not much else
• BT/BLE sniffing is still sketchy
• SDL/SPDL and Shift-left
(Closing diagram: Mobile, Cloud, IoT device, Communication channel.)
www.deeparmor.com | @deep_armor | services@deeparmor.com
SDL | Vulnerability Assessments | Security Consulting | Trainings

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
Peter Spielvogel
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
ViralQR
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 

Recently uploaded (20)

Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 

(Sacon) Sumanth Naropanth - IoT network & ecosystem security attacks & secure design

  • 1. Designing IoT Networks & Ecosystems to thwart low power communication protocol attacks Sumanth Naropanth & Nitin Lakshmanan DEEP ARMOR
  • 2. Agenda • Technical overview of an IoT/wearable ecosystem • Building blocks • Communication Protocols • Hands-on Exercises • IEEE 802.15.4/ZigBee • Bluetooth and BLE • AWS IoT Core • Security Development Lifecycle (SDL) overview
  • 3. Instructors • Nitin Lakshmanan • Security Analyst — Deep Armor • Aujas Networks, Aricent/Intel • Sumanth Naropanth • Founder and CEO — Deep Armor • Intel, Palm/HP, Sun Microsystems • Security consulting, vulnerability testing, SDL and training services for emerging technologies • www.deeparmor.com | @deep_armor
  • 5. Attacks on IoT products
  • 6. Gateway Weak Links Zigbee/Z-Wave/RF HTTP/S NB-IoT Cat M1 WiFi/BT/BLE/NFC/ANT+ HTTP/S - HW access - Secure Boot/FOTA - Crypto/Key Management - DARE - Node Spoofing - Node security requirements (see below) + - If (Rich OS), OS security - User Management - Secure Configuration - API security - Portal/UI security - Crypto/Key management - Container Security - Network security - Weaknesses in Wireless Standards - Side channel and timing attacks - Secure Provisioning - Secure Data Transmission - User/App Identification - Implementation weaknesses - Crypto - Crypto/Key Management Node Node Node Cloud (AWS/GCP/Azure/Private) - Secure Identification - Secure Debug - Secure Provisioning - Protocol attacks - Sensor value tampering WiFi/BT/BLE/NFC/ANT+
  • 7. Communication Channels Back End Services Gateway Gateway Node Node Node Node Node Node Sensors Sensors Sensors Sensors HTTP/HTTPS HTTP/HTTPS HTTP/HTTPS BT/BLE/WiFi/NFC/WiFi-Direct BT/BLE/NFC BLE/ANT+ Zigbee/Z-wave BLE/ANT+ Zigbee/Z-wave
  • 10. Zigbee • Low data rate wireless applications • Smart energy, medical, home automation, IIoT • Two bands of operation: 868/915MHz and 2450MHz • Simpler & less expensive than Bluetooth • 10-100m range • Zigbee Alliance
  • 11. Zigbee Security Model • Open Trust model (Device Trust Boundary) • Crypto protection • Network Key • Link Key (App Support Sublayer) • Secure key storage assumptions • Transmission of network key for new nodes • Hard-coded Trust Center Link Keys
  • 13. 802.15.4 • IEEE standard for low-rate wireless personal area networks (LR-WPANs) • 6LoWPAN for IPv6 over WPANs • Zigbee extends 802.15.4 (wrapper services) Application Presentation Session Transport Network Data Link Physical Logical Link Control Media Access Control
  • 14. Exercise 1a Generating & Analyzing IEEE 802.15.4 WSN packets (MAC Layer)
  • 16. Attacking WSN - Setup • IoT product simulator • Zigbee-like 802.15.4 based communication protocol • Packet sniffing, capture and injection • Goals: • Basic packet header formats • Security models for protecting comms • Hardware and software tools for packet sniffing & injection
  • 17. Setup Victim (Sender & Receiver) Attacker
  • 22. Outline HMAC (DA packet payload) HMAC (DD packet payload) Manipulate Payload Sniff Inject Demo 2a
  • 24. Can we attack something else?
  • 26. Outline HMAC (DA packet payload) HMAC (DD packet payload) Manipulate SEQ NUM Sniff Inject Demo 2b
  • 27. Exercise 2 Manipulating the SEQ NUM header
  • 29. Outline HMAC (DA packet payload + headers) Manipulate SEQ NUM/payload HMAC (DD packet payload + headers) Sniff Inject Demo 3
  • 30. Hardening Wireless Sensor Networks • Integrity of the packet is maintained • HMAC implemented for integrity protection • With Cryptographic hash function like SHA256 • Key provisioning can be via many ways - DH, for example
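The progression in slides 22 to 30 (HMAC over the payload only, which Demo 2b defeats by rewriting SEQ NUM, versus HMAC over payload plus headers in Demo 3) can be reproduced end to end in a few lines. The following is an added example, not code from the workshop or its simulator: it uses a constructed, simplified frame layout (1-byte sequence number, 2-byte source and destination addresses) rather than the real IEEE 802.15.4 MAC header, a constructed demo key in place of the DH-provisioned key the slide mentions, and a receiver that drops frames whose sequence number does not increase, which is what makes a forged SEQ NUM harmful even when the payload is untouched.

```python
import hmac
import hashlib
import struct

# Constructed demo key; slide 30 leaves real provisioning to a key agreement such as DH.
DEMO_KEY = b"constructed-demo-key-do-not-deploy"
TAG_LEN = 32                      # SHA-256 output length
HDR_FMT = "<BHH"                  # seq_num (1 byte) | src (2) | dst (2): simplified, not the IEEE layout
HDR_LEN = struct.calcsize(HDR_FMT)


def build_frame(seq_num, src, dst, payload, protect_headers):
    """Return seq|src|dst|payload|tag. With protect_headers=False the tag covers only the
    payload (the scheme broken in Demo 2b); with True it covers headers + payload (Demo 3)."""
    header = struct.pack(HDR_FMT, seq_num & 0xFF, src, dst)
    authed = header + payload if protect_headers else payload
    tag = hmac.new(DEMO_KEY, authed, hashlib.sha256).digest()
    return header + payload + tag


def verify_frame(frame, protect_headers):
    """Return (ok, seq_num, payload); ok is False when the HMAC tag does not match."""
    if len(frame) < HDR_LEN + TAG_LEN:
        return False, None, None
    header, payload, tag = frame[:HDR_LEN], frame[HDR_LEN:-TAG_LEN], frame[-TAG_LEN:]
    seq_num, _src, _dst = struct.unpack(HDR_FMT, header)
    authed = header + payload if protect_headers else payload
    expected = hmac.new(DEMO_KEY, authed, hashlib.sha256).digest()
    # constant-time comparison so the check itself does not leak the tag byte by byte
    return hmac.compare_digest(tag, expected), seq_num, payload


class Receiver:
    """Accepts a frame only if its tag verifies and its sequence number increases
    (a simple replay filter; the 8-bit counter wraps, which a real stack must handle)."""

    def __init__(self, protect_headers):
        self.protect_headers = protect_headers
        self.last_seq = -1

    def accept(self, frame):
        ok, seq_num, _payload = verify_frame(frame, self.protect_headers)
        if not ok:
            return "bad-tag"
        if seq_num <= self.last_seq:
            return "replay"
        self.last_seq = seq_num
        return "ok"


def run_scenario(protect_headers):
    """Sniff one genuine DA frame (seq 7), inject two modified copies, then deliver the
    genuine follow-up frame (seq 8). Returns the receiver's verdict for each frame."""
    rx = Receiver(protect_headers)
    genuine = build_frame(7, 0x0001, 0x0002, b"DA:temp=21.5", protect_headers)
    # copy with the payload bytes changed (same length) and the tag left as captured
    tampered = genuine[:HDR_LEN] + b"DA:temp=99.9" + genuine[-TAG_LEN:]
    # copy with only the sequence number bumped to 200; payload and tag left as captured
    forged = bytes([200]) + genuine[1:]
    return {
        "genuine": rx.accept(genuine),
        "payload_tamper": rx.accept(tampered),
        "seq_tamper": rx.accept(forged),
        "next_genuine": rx.accept(build_frame(8, 0x0001, 0x0002, b"DA:temp=21.6", protect_headers)),
    }


if __name__ == "__main__":
    print("payload-only HMAC:     ", run_scenario(False))
    print("headers + payload HMAC:", run_scenario(True))
```

With the payload-only tag the forged frame passes verification and moves the receiver's sequence window to 200, so the next genuine frame (seq 8) is dropped as a replay; with headers covered by the tag the forged frame is rejected and the genuine stream continues. That is the concrete reason slide 30 asks for integrity over the whole packet, not just the payload.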
  • 31. Bluetooth and Bluetooth Low Energy (BLE)
  • 32. GAP Defines how devices discover, connect and create bonding between them SMP Protocol for pairing and key distribution and authenticating other device Shared secrets can be managed and hence speed-up the reconnection process L2CAP Multiplexing layer for BLE GATT Describes characteristics, services and type of attributes/ their usage ATT Simple Client/ Server stateless protocol with rules for accessing data on a peer device Overview: Bluetooth Stack
  • 33. Intro to BLE • Wireless protocol for short range data exchange (~10 to 100 m) • Light-weight subset of classic Bluetooth with low power consumption • Operates in radio frequencies between 2.4 to 2.485 GHz • Managed by the Bluetooth Special Interest Group (SIG) • Use cases include wearable devices, smart pay systems, smart security systems etc
  • 34. BLE Security Pairing request Pairing response Establish STK based encryption Long term key ( LTK) agreement Encrypted Channel
  • 35. Pairing Algorithms Secure Simple Pairing • Just Works: very limited/ no user interface • Numeric Comparison: devices with display plus yes/no button • Passkey Entry: 6 digit pin as the pass key • Out Of Band: Use of an out of the band channel against MITM attacks
  • 36. Security weaknesses in BT/BLE • Security of the communication link depends on pairing algorithm • Eavesdropping on pairing mechanism compromises encryption keys • ‘Just works’ mode prone to MITM attacks • Apps (on the same phone as the companion app) snooping on encrypted BLE traffic – Let’s explore this!
  • 37. BT/BLE Security - Tools • Ubertooth • Bluefruit LE sniffer • NRFsniffer (Nordic BLE sniffer) • Ellisys sniffer
  • 38. BLE packet eavesdropping with Ubertooth
  • 39. Overview • Market products for fitness tracking • Use Bluetooth Low Energy • Packet sniffing, capture and cracking LE encryption • Goals: • BLE traffic eavesdropping • Tools to crack the basic security offered by BLE spec
  • 40. Setup
  • 41. Problems & Packet Injection • Multiple advertising channels (37, 38, 39) • Uncertainty —> 3 Ubertooths are better than 1 • Custom FW for packet injection
  • 42. Exercise 1 BLE Packet Analysis using Wireshark
  • 43. Understanding BLE pcaps • Protocol Data Unit • PDU length determines —> advertising packet or not • pdu_type == 5 [connection request by bluetooth device ]
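To make the slide's two decoding rules (PDU type in the header, pdu_type == 5 marking a connection request) concrete, here is an added parser for advertising-channel link-layer PDUs, written for this page rather than taken from the workshop material or any sniffer tool. It assumes the input starts at the access address, i.e. after whatever pseudo-header the Ubertooth or nRF sniffer prepends in the pcap, and the two sample packets are constructed by hand (CRC bytes included, but not validated). It also goes beyond the slide by decoding the CONNECT_IND LLData fields (connection access address, CRCInit, hop increment, channel map) that Wireshark shows in the same packet.

```python
import struct

ADV_ACCESS_ADDRESS = 0x8E89BED6     # fixed access address of all advertising-channel PDUs
PDU_TYPES = {0: "ADV_IND", 1: "ADV_DIRECT_IND", 2: "ADV_NONCONN_IND", 3: "SCAN_REQ",
             4: "SCAN_RSP", 5: "CONNECT_IND", 6: "ADV_SCAN_IND"}   # 5 was named CONNECT_REQ in 4.x


def fmt_addr(raw6):
    """Device addresses go over the air LSB first; Wireshark shows them reversed with colons."""
    return ":".join("%02x" % b for b in reversed(raw6))


def parse_adv_data(data):
    """Split AdvData into (AD type, value) entries; each entry is length | type | value."""
    entries, i = [], 0
    while i < len(data):
        ln = data[i]
        if ln == 0 or i + 1 + ln > len(data):
            break
        entries.append((data[i + 1], data[i + 2:i + 1 + ln]))
        i += 1 + ln
    return entries


def parse_ll_pdu(raw):
    """Parse AA(4) | header(2) | payload(length) | CRC(3). Returns a dict of decoded fields."""
    if len(raw) < 9:
        raise ValueError("too short for access address + header + CRC")
    aa = struct.unpack_from("<I", raw, 0)[0]
    hdr0, length = raw[4], raw[5]   # BT 5 header: 8-bit length (4.x used 6 bits + 2 RFU, same result <= 63)
    pdu_type = hdr0 & 0x0F
    payload = raw[6:6 + length]
    if len(payload) != length:
        raise ValueError("length field exceeds captured bytes")
    pdu = {"access_address": aa, "is_advertising_channel": aa == ADV_ACCESS_ADDRESS,
           "pdu_type": pdu_type, "pdu_name": PDU_TYPES.get(pdu_type, "RESERVED"),
           "tx_add_random": bool((hdr0 >> 6) & 1),   # TxAdd: advertiser/initiator uses a random address
           "rx_add_random": bool((hdr0 >> 7) & 1),   # RxAdd: target uses a random address
           "length": length, "crc": raw[6 + length:9 + length].hex()}
    if pdu_type == 5 and length == 34:               # the connection request the slide points at
        init_a, adv_a = payload[0:6], payload[6:12]
        (conn_aa, crc_lo, crc_hi, win_size, win_offset,
         interval, latency, timeout) = struct.unpack_from("<IHBBHHHH", payload, 12)
        hop_sca = payload[33]
        pdu.update({"init_addr": fmt_addr(init_a), "adv_addr": fmt_addr(adv_a),
                    "conn_access_address": conn_aa, "crc_init": crc_lo | (crc_hi << 16),
                    "win_size_ms": win_size * 1.25, "win_offset_ms": win_offset * 1.25,
                    "interval_ms": interval * 1.25, "latency": latency,
                    "timeout_ms": timeout * 10, "channel_map": payload[28:33].hex(),
                    "hop": hop_sca & 0x1F, "sca": hop_sca >> 5})
    elif pdu_type in (0, 2, 4, 6) and length >= 6:   # undirected advertising / scan response
        pdu["adv_addr"] = fmt_addr(payload[0:6])
        pdu["adv_data"] = parse_adv_data(payload[6:])
    return pdu


def is_connection_request(pdu):
    return pdu["pdu_type"] == 5


# Constructed sample: a CONNECT_IND from initiator 66:55:44:33:22:11 to advertiser ff:ee:dd:cc:bb:aa
CONNECT_IND_SAMPLE = bytes.fromhex(
    "d6be898e"                         # access address 0x8E89BED6, little-endian on air
    "0522"                             # header: PDU type 5, public addresses; length 34
    "112233445566" "aabbccddeeff"      # InitA, AdvA
    "5b5a6550" "123456"                # LLData: connection AA 0x50655a5b, CRCInit 0x563412
    "02" "0000" "1800" "0000" "4800"   # WinSize 2, WinOffset 0, Interval 24 (30 ms), Latency 0, Timeout 72 (720 ms)
    "ffffffff1f" "09"                  # channel map (all 37 data channels), Hop 9 / SCA 0
    "000000")                          # CRC (constructed placeholder)

# Constructed sample: an ADV_IND from random address c0:0b:0c:0d:0e:0f carrying Flags and TX Power
ADV_IND_SAMPLE = bytes.fromhex(
    "d6be898e" "400c"                  # header: PDU type 0, TxAdd=1 (random address); length 12
    "0f0e0d0c0bc0" "020106" "020a00"   # AdvA, AD 0x01 Flags = 0x06, AD 0x0A TX Power = 0 dBm
    "000000")

if __name__ == "__main__":
    for sample in (CONNECT_IND_SAMPLE, ADV_IND_SAMPLE):
        decoded = parse_ll_pdu(sample)
        print(decoded["pdu_name"], "connection request" if is_connection_request(decoded) else "", decoded)
```

The CONNECT_IND fields are worth recognising in a capture because they are exactly what a sniffer needs to follow the hop sequence of the new connection; in a pcap from a legitimate pairing review they tell you whether the peer used a random address and what connection interval was negotiated.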
  • 44. Exercise 2 Crackle - breaking LE encryption
  • 45. Stealing the LTK Pairing request Pairing response Establish STK based encryption Long term key ( LTK) agreement Encrypted Channel
  • 47. Options • Basic security- Switch on LE encryption • Crackle can break it! • Holistic Security — Application level encryption on top of network-level encryption • LE Privacy Mode
  • 49. BT/BLE problems with Android and iOS Device Commands: • Put device into recovery mode • Do a FW update • Change Device (BLE) name Notifications: • Social apps • Calls and texts Information: • User activity data • User profile updates • Application action (calls, music control) • Call/text/social updates (sometimes) ATTACKER
  • 50. Outline Activity Data, Notifications, etc. Commands, FOTA, etc. Step Count & Calories Demo X
  • 51. Root Cause All applications on Android and iOS can subscribe to the BT service and get the data on the same BT channels or BLE characteristics as the legitimate app • Android • android.permission.BLUETOOTH • android.permission.BLUETOOTH_ADMIN • iOS • Core Bluetooth (CB) Framework • Centrals (client/phone) and Peripherals (server/wearable) classes
  • 53. Outline Activity Data, Notifications, etc. Commands, FOTA, etc. Encrypted (Step Count, Distance & Calories) LTK-encrypted Decrypted (Step Count, Distance & Calories)
  • 54. LTK-Encryption What happened there? Decrypted (Step Count, Distance & Calories) Decrypted ((Encrypted(Step Count, Distance & Calories)) LTK-Encrypted (Step Count, Distance & Calories) Wrapper Service B Wrapper Service A Encryption BLE Link Layer
  • 55. Challenges • Multiple mobile devices per device • Key provisioning and OOBE exposure • Solution • Use the Cloud
  • 57. What is it? • Managed cloud service for connected devices to interact with cloud applications • Connect and manage devices • Secure the communication • Process and Act • Monitor
  • 58. Demo & Exercise • Setup AWS IoT core Policy Thing Certs IoT Device Simulator MQTT • Creating Policy/Thing/Certificates and attaching them to certificate • Run IoT device simulators from laptops • Observe traffic in Wireshark
  • 59. Topics of Interest • Review of overly permissive policies • Wild card should be avoided [iot : *] • iot:Publish/UpdateJobExecution/GetThingShadow • Must specify ARN of resource [wildcard * should not be used]
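The policy review the slide calls for (no iot:* action wildcard, an explicit resource ARN instead of *) is easy to automate. Below is an added example, not part of the workshop material: a small linter over AWS IoT policy JSON, run against an overly permissive policy, a policy that scopes topics too broadly, and a hardened policy that uses the AWS IoT policy variable ${iot:Connection.Thing.ThingName} so each thing can only connect as itself and publish to its own topic. The account id and region in the ARNs are placeholders.

```python
import json

# Placeholder account id and region for the sample ARNs (not from the slides)
ACCOUNT = "123456789012"
REGION = "us-east-1"
# Real AWS IoT policy variable: resolves to the name of the thing attached to the connecting certificate
THING = "${iot:Connection.Thing.ThingName}"

# The "wild card" policy slide 59 warns about: any IoT action on any resource
WEAK_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "iot:*", "Resource": "*"}],
})

# Named action, but the topic ARN still ends in a wildcard, so a device can publish to every device's topic
BROAD_TOPIC_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "iot:Publish",
                   "Resource": f"arn:aws:iot:{REGION}:{ACCOUNT}:topic/devices/*"}],
})

# Hardened: explicit actions, each bound to an ARN scoped to the connecting thing
HARDENED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "iot:Connect",
         "Resource": f"arn:aws:iot:{REGION}:{ACCOUNT}:client/{THING}"},
        {"Effect": "Allow", "Action": "iot:Publish",
         "Resource": f"arn:aws:iot:{REGION}:{ACCOUNT}:topic/devices/{THING}/telemetry"},
        {"Effect": "Allow", "Action": ["iot:GetThingShadow", "iot:UpdateThingShadow"],
         "Resource": f"arn:aws:iot:{REGION}:{ACCOUNT}:thing/{THING}"},
    ],
})


def _as_list(value):
    """Policy fields may be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def lint_iot_policy(policy_json):
    """Return (statement index, issue, offending value) for every Allow statement that relies on
    wildcards: any '*' in an action, a bare '*' or non-ARN resource, or a '*' inside an ARN."""
    findings = []
    policy = json.loads(policy_json)
    for idx, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action", [])):
            if "*" in action:
                findings.append((idx, "wildcard-action", action))
        for resource in _as_list(stmt.get("Resource", [])):
            if resource == "*" or not resource.startswith("arn:"):
                findings.append((idx, "unscoped-resource", resource))
            elif "*" in resource:
                findings.append((idx, "wildcard-in-arn", resource))
    return findings


if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("broad-topic", BROAD_TOPIC_POLICY),
                         ("hardened", HARDENED_POLICY)):
        print(name, lint_iot_policy(policy) or "no findings")
```

The linter is deliberately strict about wildcards inside ARNs: a trailing `topic/devices/*` is a common way a single compromised device certificate ends up able to impersonate every other device's telemetry, which is the node-spoofing weak link from slide 6 reappearing at the cloud boundary.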
  • 60. Topics of Interest • AWS forces MQTT over TLS • All traffic to and from AWS IoT must be encrypted over Transport Layer Security (TLS). • AWS Authentication • X.509 certificates • IAM users, groups, and roles • Amazon Cognito identities • Federated identities
  • 62. Need for SDL • Next-gen SDL • For IoT, wearable and cloud technologies. • Especially when they all come together • Ecosystem security • Agile • Security, Privacy and Legal woven into the development cycle • Leveraging industry standards
  • 63. Security Architecture, Privacy Requirements Threat Modeling, Attack Trees & Data Access Reviews Focused Security Code Reviews & Privacy Planning Fuzzing, Penetration Testing, Privacy Sign-off Fix verification, Incident Response Planning Delta Security Assessment, Security for Continuous Integration/Delivery Program Conception Design Implementation Pre-Launch Deployment Maintenance Reviews Reviews & Reports Reports Resolution & Sign-off Reports IoT Mobile Cloud Security Development Lifecycle Approach
  • 65. Challenges: Securing a never-before gadget • Lack of tactical SDL frameworks for rapid time-to-market products with constantly evolving requirements • Diverse, non-standard and evolving communication protocols • Weaknesses in adoption of protocol specifications • Long lives for IoT products • Privacy • Nascent research in IoT security
  • 66. Challenges - Technical • Collection of personal data and PII is higher • Geo-location information • Biometric data • Sensor data • Payment services • Limited SW stack —> security may get compromised • Often FW running on micro-controllers • Field updates are difficult • Asymmetric key crypto, TEEs, etc. are heavy • Multi-tier, multi-tenant product architecture • Cross-domain flows • Multiple exposure points as a consequence
  • 67. Privacy • Why worry? • Global Markets • Country-specific guidelines • Ecosystems and overlapping policies
  • 68. Summary • Plethora of protocols (and standards) • Custom hardware & software for IoT comms penetration testing • RZUSBStick works great. Also, APImote • Not much else • BT/BLE sniffing is still sketchy • SDL/SPDL and Shift-left Mobile Cloud IoT device Communication channel
  • 69. www.deeparmor.com | @deep_armor | services@deeparmor.com SDL Vulnerability Assessments Security Consulting Trainings