
Smart Router

Smart Router presentation by Benjamin Nicodeme on May 31, 2018. The smart router project aims to detect compromised IoT devices.

Published in: Internet

  1. Smart Router project Benjamin Nicodeme 31 May 2018
  2. Smart Router • Objectives • Tools • Design • Sniffing • Analysing • Alerting • Future work • Conclusion Goal - Tools - Design - Sniffing - Analysing - Alerting - Future work - Conclusion
  3. Objectives • Detect malicious IoT traffic • SOHO network • Generate logs & alerts
  4. Tools • Python3 • OpenWRT • Scapy • SQLite3 • lighttpd • Vagrant
  5. Design Smart Router Internet Servers Smart light IP camera Smart TV Computer Random IoT device
  6. Design Smart Router Internet Servers Smart light IP camera Smart TV Computer Random IoT device
  7. Standard traffic Design
  8. Standard traffic Design
  9. Standard traffic Design
  10. Design Sniffed traffic
  11. Design
  12. Design Infected IoT traffic
  13. Design Infected IoT traffic
  14. Design Infected IoT traffic Smart TV is infected!
  15. Sniffing samsung.com 1.1.1.1 DNS 8.8.8.8
  16. Sniffing samsung.com 1.1.1.1 DNS 8.8.8.8 Q: What is samsung.com IP address?
  17. Sniffing samsung.com 1.1.1.1 DNS 8.8.8.8 Q: What is samsung.com IP address?
  18. Sniffing samsung.com 1.1.1.1 DNS 8.8.8.8 A: samsung.com IP address is 1.1.1.1
  19. Sniffing samsung.com 1.1.1.1 DNS 8.8.8.8 samsung.com: 1.1.1.1 1.1.1.1 = samsung.com
  20. Sniffing samsung.com 1.1.1.1 DNS 8.8.8.8 1.1.1.1 = samsung.com SmartTv -> 1.1.1.1
  21. Sniffing samsung.com 1.1.1.1 DNS 8.8.8.8 1.1.1.1 = samsung.com SmartTv -> 1.1.1.1 SmartTv -> samsung.com
  22. Analysing
  23. Analysing Traffic of one IoT across time
  24. Analysing Learning period Traffic of one IoT across time Time
  25. Analysing Learning period Traffic of one IoT across time Time ‘Trusted’ domains
  26. Analysing ‘Untrusted’ domains Time Learning period Traffic of one IoT across time ‘Trusted’ domains
  27. Analysing ‘Untrusted’ domains Time Learning period Traffic of one IoT across time ‘Trusted’ domains
  28. Alerting
  29. Alerting • Web server • Slack
  30. Future work • Web Configuration • Dynamic IoT discovery • Machine learning • Support more protocols • ...
  31. Conclusion
  32. Questions?
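
The Sniffing and Analysing slides describe mapping DNS answers to destination IPs, learning each device's 'trusted' domains during a learning period, and treating later domains as 'untrusted'. That logic as an added example, not the project's own code: the class and function names, the one-hour learning period, the per-device DNS keying and the constructed sample events are assumptions, and it uses Python's sqlite3 on pre-parsed events instead of a live Scapy capture.

```python
import sqlite3

class DomainBaseline:
    def __init__(self, learning_period=3600.0):  # duration is an assumed value
        self.learning_period = learning_period
        self.db = sqlite3.connect(":memory:")
        self.db.executescript("""
            CREATE TABLE dns(device TEXT, ip TEXT, domain TEXT, PRIMARY KEY(device, ip));
            CREATE TABLE first_seen(device TEXT PRIMARY KEY, ts REAL);
            CREATE TABLE trusted(device TEXT, domain TEXT, PRIMARY KEY(device, domain));
        """)

    def _one(self, sql, *args):
        return self.db.execute(sql, args).fetchone()

    def on_dns_answer(self, device, domain, ip):
        # Keyed per client: a shared CDN address can mean different names per device.
        self.db.execute("INSERT OR REPLACE INTO dns VALUES (?, ?, ?)", (device, ip, domain))

    def on_flow(self, ts, device, dst_ip):
        row = self._one("SELECT domain FROM dns WHERE device=? AND ip=?", device, dst_ip)
        domain = row[0] if row else dst_ip  # no DNS answer seen: keep the raw IP
        self.db.execute("INSERT OR IGNORE INTO first_seen VALUES (?, ?)", (device, ts))
        start = self._one("SELECT ts FROM first_seen WHERE device=?", device)[0]
        if ts - start < self.learning_period:  # still learning: record as trusted
            self.db.execute("INSERT OR IGNORE INTO trusted VALUES (?, ?)", (device, domain))
            return None
        known = self._one("SELECT 1 FROM trusted WHERE device=? AND domain=?", device, domain)
        return None if known else {"ts": ts, "device": device, "domain": domain, "ip": dst_ip}

# Constructed sample events (documentation addresses and .example names).
EVENTS = [
    ("dns", 0, "SmartTV", "updates.vendor.example", "192.0.2.10"),
    ("flow", 5, "SmartTV", "192.0.2.10"),
    ("dns", 4000, "SmartTV", "updates.vendor.example", "192.0.2.11"),  # IP rotated
    ("flow", 4001, "SmartTV", "192.0.2.11"),   # same trusted domain: no alert
    ("dns", 5000, "SmartTV", "unknown-host.example", "203.0.113.7"),
    ("flow", 5001, "SmartTV", "203.0.113.7"),  # new domain after learning: alert
    ("flow", 5002, "SmartTV", "198.51.100.9"), # destination never resolved: alert
]

def run(events, learning_period=3600.0):
    baseline, alerts = DomainBaseline(learning_period), []
    for kind, ts, device, *rest in events:
        if kind == "dns":
            baseline.on_dns_answer(device, *rest)
        elif (alert := baseline.on_flow(ts, device, rest[0])):
            alerts.append(alert)
    return alerts
```

Baselining on domains rather than addresses keeps a rotated vendor IP from alerting, while a destination contacted without any preceding DNS answer is still reported by its raw address.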
