SlideShare a Scribd company logo

(Sacon) Sumanth Naropanth - IoT network & ecosystem security attacks & secure design

Priyanka Aash
Priyanka Aash

The document discusses security challenges and approaches for IoT networks and ecosystems. It provides an overview of common IoT communication protocols like Zigbee, Bluetooth Low Energy, and IEEE 802.15.4. It then demonstrates hands-on exercises attacking these protocols by sniffing and manipulating packets. It also discusses securing the AWS IoT platform and introduces the security development lifecycle approach for securing IoT products throughout the development process.

1 of 69
Downloaded 58 times
Designing IoT Networks & Ecosystems to thwart low power communication protocol attacks Sumanth Naropanth & Nitin Lakshmanan DEEP ARMOR
Agenda • Technical overview of an IoT/wearable ecosystem • Building blocks • Communication Protocols • Hands-on Exercises • IEEE 802.15.4/ZigBee • Bluetooth and BLE • AWS IoT Core • Security Development Lifecycle (SDL) overview
Instructors • Nitin Lakshmanan • Security Analyst — Deep Armor • Aujas Networks, Aricent/Intel • Sumanth Naropanth • Founder and CEO — Deep Armor • Intel, Palm/HP, Sun Microsystems • Security consulting, vulnerability testing, SDL and training services for emerging technologies • www.deeparmor.com | @deep_armor
Gateway IoT Ecosystem Zigbee/Z-Wave/RF HTTP/S NB-IoT Cat M1 WiFi/BT/BLE/NFC/ANT+ HTTP/S Nod e Nod e Nod e Cloud (AWS/GCP/Azure/Private) WiFi/BT/BLE/NFC/ANT+
Attacks on IoT products
Gateway Weak Links Zigbee/Z-Wave/RF HTTP/S NB-IoT Cat M1 WiFi/BT/BLE/NFC/ANT+ HTTP/S - HW access - Secure Boot/FOTA - Crypto/Key Management - DARE - Node Spoofing - Node security requirements (see below) + - If (Rich OS), OS security - User Management - Secure Configuration - API security - Portal/UI security - Crypto/Key management - Container Security - Network security - Weaknesses in Wireless Standards - Side channel and timing attacks - Secure Provisioning - Secure Data Transmission - User/App Identification - Implementation weaknesses - Crypto - Crypto/Key Management Nod e Nod e Nod e Cloud (AWS/GCP/Azure/Private) - Secure Identification - Secure Debug - Secure Provisioning - Protocol attacks - Sensor value tampering WiFi/BT/BLE/NFC/ANT+
Communication Channels Back End Services Gateway Gateway Node Node Node Node Node Node Sensors Sensors Sensors Sensors HTTP/HTTPS HTTP/HTTPS HTTP/HTTPS BT/BLE/WiFi/NFC/WiFi-Direct BT/BLE/NFC BLE/ANT+ Zigbee/Z-wave BLE/ANT+ Zigbee/Z-wave
IoT Protocols BLE Blueto oth Zigbe e DSMx NFC ANT+ Z-Wave Wi-Fi Cellular MQTT 6LoWP AN RFID SigFox CoAP Thread LTE 4G DASH nWave
Zigbee
Zigbee • Low data rate wireless applications • Smart energy, medical, home automation, IIoT • Two bands of operation: 868/915MHz and 2450MHz • Simpler & less expensive than Bluetooth • 10-100m range • Zigbee Alliance
Zigbee Security Model • Open Trust model (Device Trust Boundary) • Crypto protection • Network Key • Link Key (App Support Sublayer) • Secure key storage assumptions • Transmission of network key for new nodes • Hard-coded Trust Center Link Keys
IEEE 802.15.4
802.15.4 • IEEE standard for low-rate wireless personal area networks (LR-WPANs) • 6LoWPAN for IPv6 over WPANs • Zigbee extends 802.15.4 (wrapper services) Application Presentation Session Transport Network Data Link Physical Logical Link Control Media Access Control
Exercise 1a Generating & Analyzing IEEE 802.15.4 WSN packets (MAC Layer)
Packet Structure Payload [DA/DD] [DATA] SRC SEQ NUM PAN ID DST
Attacking WSN - Setup • IoT product simulator • Zigbee-like 802.15.4 based communication protocol • Packet sniffing, capture and injection • Goals: • Basic packet header formats • Security models for protecting comms • Hardware and software tools for packet sniffing & injection
Setup Victim (Sender & Receiver) Attacker
Packet Sniffing/Injection
Outline DA Packets DD Packets Manipulate Payload Sniff Inject Demo 1
Exercise 1b Packet Manipulation using Scapy
Hardening the WSN
Outline HMAC (DA packet payload) HMAC (DD packet payload Manipulate Payload Sniff Inject Demo 2a
Is that enough?
Can we attack something else?
Packet Structure Payload [DA/DD] [DATA] SRC SEQ NUM PAN ID DST
Outline HMAC (DA packet payload) HMAC (DD packet payload) Manipulate SEQ NUM Sniff Inject Demo 2b
Exercise 2 Manipulating the SEQ NUM header
Hardening the WSN
Outline HMAC (DA packet payload + headers) Manipulate SEQ NUM/payload HMAC (DD packet payload + headers) Sniff Inject Demo 3
Hardening Wireless Sensor Networks • Integrity of the packet is maintained • HMAC implemented for integrity protection • With Cryptographic hash function like SHA256 • Key provisioning can be via many ways - DH, for example
Bluetooth and Bluetooth Low Energy (BLE)
GAP Defines how devices discover, connect and create bonding between them SMP Protocol for pairing and key distribution and authenticating other device Shared secrets can be managed and hence speed-up the reconnection process L2CAP Multiplexing layer for BLE GATT Describes characteristics, services and type of attributes/ their usage ATT Simple Client/ Server stateless protocol with rules for accessing data on a peer device Overview: Bluetooth Stack
Intro to BLE • Wireless protocol for short range data exchange (~10 to 100 m) • Light-weight subset of classic Bluetooth with low power consumption • Operates in radio frequencies between 2.4 to 2.485 GHz • Managed by the Bluetooth Special Interest Group (SIG) • Use cases include wearable devices, smart pay systems, smart security systems etc
BLE Security Pairing request Pairing response Establish STK based encryption Long term key ( LTK) agreement Encrypted Channel
Pairing Algorithms Secure Simple Pairing • Just Works: very limited/ no user interface • Numeric Comparison: devices with display plus yes/no button • Passkey Entry: 6 digit pin as the pass key • Out Of Band: Use of an out of the band channel against MITM attacks
Security weaknesses in BT/BLE • Security of the communication link depends on pairing algorithm • Eaves dropping on pairing mechanism compromises encryption keys • ‘Just works’ mode prone to MITM attacks • Apps (on the same phone as the companion app) snooping on encrypted BLE traffic – Let’s explore this!
BT/BLE Security - Tools • Ubertooth • Bluefruit LE sniffer • NRFsniffer (Nordic BLE sniffer) • Ellisys sniffer
BLE packet eavesdropping with Ubertooth
Overview • Market products for fitness tracking • Use Bluetooth Low Energy • Packet sniffing, capture and cracking LE encryption • Goals: • BLE traffic eavesdropping • Tools to crack the basic security offered by BLE spec
Setup
Problems & Packet Injection • Multiple advertising channels (37, 38, 39) • Uncertainty —> 3 Ubertooths are better than 1 • Custom FW for packet injection
Exercise 1 BLE Packet Analysis using Wireshark
Understanding BLE pcaps • Protocol Data Unit • PDU length determines —> advertising packet or not •pdu_type == 5 [connection request by bluetooth device ]
Exercise 2 Crackle - breaking LE encryption
Stealing the LTK Pairing request Pairing response Establish STK based encryption Long term key ( LTK) agreement Encrypted Channel
Hardening BLE
Options • Basic security- Switch on LE encryption • Crackle can break it! • Holistic Security — Application level encryption on top of network-level encryption • LE Privacy Mode
Hacking [Wearable - Mobile] Channels
BT/BLE problems with Android and iOS Device Commands: • Put device into recovery mode • Do a FW update • Change Device (BLE) name Notifications: • Social apps • Calls and texts Information: • User activity data • User profile updates • Application action (calls, music control) • Call/text/social updates (sometimes) ATTACKER
Outline Activity Data, Notifications, etc. Commands, FOTA, etc. Step Count & Calories Demo X
Root Cause All applications on Android and iOS can subscribe to the BT service and get the data on the same BT channels or BLE characteristics as the legitimate app • Android • android.permission.BLUETOOTH • android.permission.BLUETOOTH_ADMIN – quote: • iOS • Core Bluetooth (CB) Framework • Centrals (client/phone) and Peripherals (server/wearable) classes
Hardening
Outline Activity Data, Notifications, etc. Commands, FOTA, etc. Encrypted (Step Count, Distance & Calories) LTK-encrypted Decrypted (Step Count, Distance & Calories)
LTK-Encryption What happened there? Decrypted (Step Count, Distance & Calories) Decrypted ((Encrypted(Step Count, Distance & Calories)) LTK-Encrypted (Step Count, Distance & Calories) Wrapper Service B Wrapper Service A Encryption BLE Link Layer
Challenges • Multiple mobile devices per device • Key provisioning and OOBE exposure • Solution • Use the Cloud
AWS IoT Core
What is it? • Managed cloud service for connected devices to interact with cloud applications • Connect and manage devices • Secure the communication • Process and Act • Monitor
Demo & Exercise • Setup AWS IoT core Policy Thing Certs IoT Device Simulat or MQTT • Creating Policy/Thing/Certificates and attaching them to certificate • Run IoT device simulators from laptops • Observe traffic in Wireshark
Topics of Interest • Review of overly permissive policies • Wild card should be avoided [iot : *] • iot:Publish/UpdateJobExecution/GetThingShadow • Must specify ARN of resource [wildcard * should not be used]
Topics of Interest • AWS forces MQTT over TLS • All traffic to and from AWS IoT must be encrypted over Transport Layer Security (TLS). • AWS Authentication • X.509 certificates • IAM users, groups, and roles • Amazon Cognito identities • Federated identities
Security Development Lifecycle
Need for SDL • Next-gen SDL • For IoT, wearable and cloud technologies. • Especially when they all come together • Ecosystem security • Agile • Security, Privacy and Legal woven into the development cycle • Leveraging industry standards
Security Architecture, Privacy Requirements Threat Modeling, Attack Trees & Data Access Reviews Focused Security Code Reviews & Privacy Planning Fuzzing, Penetration Testing, Privacy Sign-off Fix verification, Incident Response Planning Delta Security Assessment, Security for Continuous Integration/Deliv ery Program Conception Design Implementation Pre-Launch Deployment Maintenance Reviews Reviews & Reports Reports Resolution & Sign-off Reports IoT Mobil e Cloud Security Development Lifecycle Approach
Unshackling from traditional SDL
Challenges: Securing a never- before gadget • Lack of tactical SDL frameworks for rapid time-to-market products with constantly evolving requirements • Diverse, non-standard and evolving communication protocols • Weaknesses in adoption of protocol specifications • Long lives for IoT products • Privacy • Nascent research in IoT security
Challenges - Technical • Collection of personal data and PII is higher • Geo-location information • Biometric data • Sensor data • Payment services • Limited SW stack —> security may get compromised • Often FW running on micro-controllers • Field updates are difficult • Asymmetric key crypto, TEEs, etc. are heavy • Multi-tier, multi-tenant product architecture • Cross-domain flows • Multiple exposure points as a consequence
Privacy • Why worry? • Global Markets • Country-specific guidelines • Ecosystems and overlapping policies
Summary • Plethora of protocols (and standards) • Custom hardware & software for IoT comms penetration testing • RZUSBStick works great. Also, APImote • Not much else • BT/BLE sniffing is still sketchy • SDL/SPDL and Shift-left Mobil e Clou d IoT devic e Communicatio n channel
www.deeparmor.com | @deep_armor | services@deeparmor.com SDL Vulnerability Assessments Security Consulting Trainings
Ad

Recommended

State Of Automotive Security
State Of Automotive SecurityState Of Automotive Security
State Of Automotive Security
Priyanka Aash
 
From The Hidden Internet: Lesson From 12 Months Of Monitoring
From The Hidden Internet: Lesson From 12 Months Of MonitoringFrom The Hidden Internet: Lesson From 12 Months Of Monitoring
From The Hidden Internet: Lesson From 12 Months Of Monitoring
Priyanka Aash
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
How VPNs and Firewalls Put Your Organization at Risk
How VPNs and Firewalls Put Your Organization at RiskHow VPNs and Firewalls Put Your Organization at Risk
How VPNs and Firewalls Put Your Organization at Risk
Cyxtera Technologies
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security Presentation
Simplex
 
Cyber Security Threat Modeling
Cyber Security Threat ModelingCyber Security Threat Modeling
Cyber Security Threat Modeling
Dr. Anish Cheriyan (PhD)
 
Network Security Architecture
Network Security Architecture Network Security Architecture
Network Security Architecture
InnoTech
 
Cloud Security - Made simple
Cloud Security - Made simpleCloud Security - Made simple
Cloud Security - Made simple
Sameer Paradia
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Priyanka Aash
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Cisco Security
 
How to Overcome Network Access Control Limitations for Better Network Security
How to Overcome Network Access Control Limitations for Better Network SecurityHow to Overcome Network Access Control Limitations for Better Network Security
How to Overcome Network Access Control Limitations for Better Network Security
Cryptzone
 
TrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data CenterTrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data Center
VMUG IT
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
Shah Sheikh
 
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Skycure
 
Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-ware
Tzar Umang
 
How sdp delivers_zero_trust
How sdp delivers_zero_trustHow sdp delivers_zero_trust
How sdp delivers_zero_trust
Zscaler
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
Shah Sheikh
 
VIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitVIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS Summit
Shah Sheikh
 
BlueHat v18 || Dep for the app layer - time for app sec to grow up
BlueHat v18 || Dep for the app layer - time for app sec to grow upBlueHat v18 || Dep for the app layer - time for app sec to grow up
BlueHat v18 || Dep for the app layer - time for app sec to grow up
BlueHat Security Conference
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for meraki
Cisco Canada
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and Lancope
Cisco Enterprise Networks
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
MarketingArrowECS_CZ
 
Infosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Infosec 2014: Risk Analytics: Using Your Data to Solve Security ChallengesInfosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Infosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Skybox Security
 
Check Point: From Branch to Data Center
Check Point: From Branch to Data CenterCheck Point: From Branch to Data Center
Check Point: From Branch to Data Center
Group of company MUK
 
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
Andris Soroka
 
Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019
Sean Xie
 
Cryptzone: What is a Software-Defined Perimeter?
Cryptzone: What is a Software-Defined Perimeter?Cryptzone: What is a Software-Defined Perimeter?
Cryptzone: What is a Software-Defined Perimeter?
Cryptzone
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnect
Robb Boyd
 
Controlling Bluetooth Low Energy Devices
Controlling Bluetooth Low Energy DevicesControlling Bluetooth Low Energy Devices
Controlling Bluetooth Low Energy Devices
Keerati Torach
 
R U aBLE? BLE Application Hacking
R U aBLE? BLE Application HackingR U aBLE? BLE Application Hacking
R U aBLE? BLE Application Hacking
Tal Melamed
 
Ad

More Related Content

What's hot (20)

Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Priyanka Aash
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Cisco Security
 
How to Overcome Network Access Control Limitations for Better Network Security
How to Overcome Network Access Control Limitations for Better Network SecurityHow to Overcome Network Access Control Limitations for Better Network Security
How to Overcome Network Access Control Limitations for Better Network Security
Cryptzone
 
TrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data CenterTrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data Center
VMUG IT
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
Shah Sheikh
 
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Skycure
 
Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-ware
Tzar Umang
 
How sdp delivers_zero_trust
How sdp delivers_zero_trustHow sdp delivers_zero_trust
How sdp delivers_zero_trust
Zscaler
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
Shah Sheikh
 
VIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitVIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS Summit
Shah Sheikh
 
BlueHat v18 || Dep for the app layer - time for app sec to grow up
BlueHat v18 || Dep for the app layer - time for app sec to grow upBlueHat v18 || Dep for the app layer - time for app sec to grow up
BlueHat v18 || Dep for the app layer - time for app sec to grow up
BlueHat Security Conference
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for meraki
Cisco Canada
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and Lancope
Cisco Enterprise Networks
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
MarketingArrowECS_CZ
 
Infosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Infosec 2014: Risk Analytics: Using Your Data to Solve Security ChallengesInfosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Infosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Skybox Security
 
Check Point: From Branch to Data Center
Check Point: From Branch to Data CenterCheck Point: From Branch to Data Center
Check Point: From Branch to Data Center
Group of company MUK
 
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
Andris Soroka
 
Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019
Sean Xie
 
Cryptzone: What is a Software-Defined Perimeter?
Cryptzone: What is a Software-Defined Perimeter?Cryptzone: What is a Software-Defined Perimeter?
Cryptzone: What is a Software-Defined Perimeter?
Cryptzone
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnect
Robb Boyd
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Priyanka Aash
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Cisco Security
 
How to Overcome Network Access Control Limitations for Better Network Security
How to Overcome Network Access Control Limitations for Better Network SecurityHow to Overcome Network Access Control Limitations for Better Network Security
How to Overcome Network Access Control Limitations for Better Network Security
Cryptzone
 
TrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data CenterTrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data Center
VMUG IT
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
Shah Sheikh
 
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Skycure
 
Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-ware
Tzar Umang
 
How sdp delivers_zero_trust
How sdp delivers_zero_trustHow sdp delivers_zero_trust
How sdp delivers_zero_trust
Zscaler
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
Shah Sheikh
 
VIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitVIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS Summit
Shah Sheikh
 
BlueHat v18 || Dep for the app layer - time for app sec to grow up
BlueHat v18 || Dep for the app layer - time for app sec to grow upBlueHat v18 || Dep for the app layer - time for app sec to grow up
BlueHat v18 || Dep for the app layer - time for app sec to grow up
BlueHat Security Conference
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for meraki
Cisco Canada
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and Lancope
Cisco Enterprise Networks
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
MarketingArrowECS_CZ
 
Infosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Infosec 2014: Risk Analytics: Using Your Data to Solve Security ChallengesInfosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Infosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges
Skybox Security
 
Check Point: From Branch to Data Center
Check Point: From Branch to Data CenterCheck Point: From Branch to Data Center
Check Point: From Branch to Data Center
Group of company MUK
 
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
Andris Soroka
 
Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019
Sean Xie
 
Cryptzone: What is a Software-Defined Perimeter?
Cryptzone: What is a Software-Defined Perimeter?Cryptzone: What is a Software-Defined Perimeter?
Cryptzone: What is a Software-Defined Perimeter?
Cryptzone
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnect
Robb Boyd
 

Similar to (Sacon) Sumanth Naropanth - IoT network & ecosystem security attacks & secure design (20)

Controlling Bluetooth Low Energy Devices
Controlling Bluetooth Low Energy DevicesControlling Bluetooth Low Energy Devices
Controlling Bluetooth Low Energy Devices
Keerati Torach
 
R U aBLE? BLE Application Hacking
R U aBLE? BLE Application HackingR U aBLE? BLE Application Hacking
R U aBLE? BLE Application Hacking
Tal Melamed
 
Assessing Vulnerabilities in Bluetooth Low Energy (BLE) Wireless Network base...
Assessing Vulnerabilities in Bluetooth Low Energy (BLE) Wireless Network base...Assessing Vulnerabilities in Bluetooth Low Energy (BLE) Wireless Network base...
Assessing Vulnerabilities in Bluetooth Low Energy (BLE) Wireless Network base...
IRJET Journal
 
Undestanding Bluetooth
Undestanding BluetoothUndestanding Bluetooth
Undestanding Bluetooth
Leopoldo Armesto
 
When Encryption is Not Enough...Sumanth Naropanth, Chandra Prakash Gopalaiah ...
When Encryption is Not Enough...Sumanth Naropanth, Chandra Prakash Gopalaiah ...When Encryption is Not Enough...Sumanth Naropanth, Chandra Prakash Gopalaiah ...
When Encryption is Not Enough...Sumanth Naropanth, Chandra Prakash Gopalaiah ...
Shakacon
 
Kavya racharla ndh-naropanth_fin
Kavya racharla ndh-naropanth_finKavya racharla ndh-naropanth_fin
Kavya racharla ndh-naropanth_fin
PacSecJP
 
Can a browser become an IoT Gateway?
Can a browser become an IoT Gateway?Can a browser become an IoT Gateway?
Can a browser become an IoT Gateway?
Sooraj Sanker
 
Iot ble and_beacons_2015_nov28
Iot ble and_beacons_2015_nov28Iot ble and_beacons_2015_nov28
Iot ble and_beacons_2015_nov28
Ravikiran HV
 
iOT - Developing beacons
iOT - Developing beaconsiOT - Developing beacons
iOT - Developing beacons
sandeephegde
 
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
Brian Knopf
 
Introduction to Bluetooth low energy
Introduction to Bluetooth low energyIntroduction to Bluetooth low energy
Introduction to Bluetooth low energy
NEEVEE Technologies
 
Bluetooth technology introduction and ecosystem
Bluetooth technology introduction and ecosystem Bluetooth technology introduction and ecosystem
Bluetooth technology introduction and ecosystem
NiclasGranqvist
 
BLE Talk
BLE TalkBLE Talk
BLE Talk
programmarchy
 
THAT_2023_BLE.pdf
THAT_2023_BLE.pdfTHAT_2023_BLE.pdf
THAT_2023_BLE.pdf
Robin Schroeder
 
Introduction to Bluetooth Low Energy
Introduction to Bluetooth Low EnergyIntroduction to Bluetooth Low Energy
Introduction to Bluetooth Low Energy
NEEVEE Technologies
 
Ble overview and_implementation
Ble overview and_implementationBle overview and_implementation
Ble overview and_implementation
Stanley Chang
 
6-IoT protocol.pptx
6-IoT protocol.pptx6-IoT protocol.pptx
6-IoT protocol.pptx
Pratik Gohel
 
A Brief Introduction to Bluetooth Low Energy (BLE) on iOS
A Brief Introduction to Bluetooth Low Energy (BLE) on iOSA Brief Introduction to Bluetooth Low Energy (BLE) on iOS
A Brief Introduction to Bluetooth Low Energy (BLE) on iOS
Matt Whitlock
 
Bluetooth low energy- Kashyap Velpuru
Bluetooth low energy- Kashyap VelpuruBluetooth low energy- Kashyap Velpuru
Bluetooth low energy- Kashyap Velpuru
kashyap velpuru
 
Attacking and Crashing IoT Devices via Bluetooth LE protocol
Attacking and Crashing IoT Devices via Bluetooth LE protocolAttacking and Crashing IoT Devices via Bluetooth LE protocol
Attacking and Crashing IoT Devices via Bluetooth LE protocol
Cysinfo Cyber Security Community
 
Controlling Bluetooth Low Energy Devices
Controlling Bluetooth Low Energy DevicesControlling Bluetooth Low Energy Devices
Controlling Bluetooth Low Energy Devices
Keerati Torach
 
R U aBLE? BLE Application Hacking
R U aBLE? BLE Application HackingR U aBLE? BLE Application Hacking
R U aBLE? BLE Application Hacking
Tal Melamed
 
Assessing Vulnerabilities in Bluetooth Low Energy (BLE) Wireless Network base...
Assessing Vulnerabilities in Bluetooth Low Energy (BLE) Wireless Network base...Assessing Vulnerabilities in Bluetooth Low Energy (BLE) Wireless Network base...
Assessing Vulnerabilities in Bluetooth Low Energy (BLE) Wireless Network base...
IRJET Journal
 
Undestanding Bluetooth
Undestanding BluetoothUndestanding Bluetooth
Undestanding Bluetooth
Leopoldo Armesto
 
When Encryption is Not Enough...Sumanth Naropanth, Chandra Prakash Gopalaiah ...
When Encryption is Not Enough...Sumanth Naropanth, Chandra Prakash Gopalaiah ...When Encryption is Not Enough...Sumanth Naropanth, Chandra Prakash Gopalaiah ...
When Encryption is Not Enough...Sumanth Naropanth, Chandra Prakash Gopalaiah ...
Shakacon
 
Kavya racharla ndh-naropanth_fin
Kavya racharla ndh-naropanth_finKavya racharla ndh-naropanth_fin
Kavya racharla ndh-naropanth_fin
PacSecJP
 
Can a browser become an IoT Gateway?
Can a browser become an IoT Gateway?Can a browser become an IoT Gateway?
Can a browser become an IoT Gateway?
Sooraj Sanker
 
Iot ble and_beacons_2015_nov28
Iot ble and_beacons_2015_nov28Iot ble and_beacons_2015_nov28
Iot ble and_beacons_2015_nov28
Ravikiran HV
 
iOT - Developing beacons
iOT - Developing beaconsiOT - Developing beacons
iOT - Developing beacons
sandeephegde
 
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
Brian Knopf
 
Introduction to Bluetooth low energy
Introduction to Bluetooth low energyIntroduction to Bluetooth low energy
Introduction to Bluetooth low energy
NEEVEE Technologies
 
Bluetooth technology introduction and ecosystem
Bluetooth technology introduction and ecosystem Bluetooth technology introduction and ecosystem
Bluetooth technology introduction and ecosystem
NiclasGranqvist
 
BLE Talk
BLE TalkBLE Talk
BLE Talk
programmarchy
 
THAT_2023_BLE.pdf
THAT_2023_BLE.pdfTHAT_2023_BLE.pdf
THAT_2023_BLE.pdf
Robin Schroeder
 
Introduction to Bluetooth Low Energy
Introduction to Bluetooth Low EnergyIntroduction to Bluetooth Low Energy
Introduction to Bluetooth Low Energy
NEEVEE Technologies
 
Ble overview and_implementation
Ble overview and_implementationBle overview and_implementation
Ble overview and_implementation
Stanley Chang
 
6-IoT protocol.pptx
6-IoT protocol.pptx6-IoT protocol.pptx
6-IoT protocol.pptx
Pratik Gohel
 
A Brief Introduction to Bluetooth Low Energy (BLE) on iOS
A Brief Introduction to Bluetooth Low Energy (BLE) on iOSA Brief Introduction to Bluetooth Low Energy (BLE) on iOS
A Brief Introduction to Bluetooth Low Energy (BLE) on iOS
Matt Whitlock
 
Bluetooth low energy- Kashyap Velpuru
Bluetooth low energy- Kashyap VelpuruBluetooth low energy- Kashyap Velpuru
Bluetooth low energy- Kashyap Velpuru
kashyap velpuru
 
Attacking and Crashing IoT Devices via Bluetooth LE protocol
Attacking and Crashing IoT Devices via Bluetooth LE protocolAttacking and Crashing IoT Devices via Bluetooth LE protocol
Attacking and Crashing IoT Devices via Bluetooth LE protocol
Cysinfo Cyber Security Community
 
Ad

More from Priyanka Aash (20)

Keynote : Presentation on SASE Technology
Keynote : Presentation on SASE TechnologyKeynote : Presentation on SASE Technology
Keynote : Presentation on SASE Technology
Priyanka Aash
 
Keynote : AI & Future Of Offensive Security
Keynote : AI & Future Of Offensive SecurityKeynote : AI & Future Of Offensive Security
Keynote : AI & Future Of Offensive Security
Priyanka Aash
 
Redefining Cybersecurity with AI Capabilities
Redefining Cybersecurity with AI CapabilitiesRedefining Cybersecurity with AI Capabilities
Redefining Cybersecurity with AI Capabilities
Priyanka Aash
 
Demystifying Neural Networks And Building Cybersecurity Applications
Demystifying Neural Networks And Building Cybersecurity ApplicationsDemystifying Neural Networks And Building Cybersecurity Applications
Demystifying Neural Networks And Building Cybersecurity Applications
Priyanka Aash
 
Finetuning GenAI For Hacking and Defending
Finetuning GenAI For Hacking and DefendingFinetuning GenAI For Hacking and Defending
Finetuning GenAI For Hacking and Defending
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Kids Cyber Security .pdf
(CISOPlatform Summit & SACON 2024) Kids Cyber Security .pdf(CISOPlatform Summit & SACON 2024) Kids Cyber Security .pdf
(CISOPlatform Summit & SACON 2024) Kids Cyber Security .pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Workshop _ Most Dangerous Attack Technique...
(CISOPlatform Summit & SACON 2024) Workshop _ Most Dangerous Attack Technique...(CISOPlatform Summit & SACON 2024) Workshop _ Most Dangerous Attack Technique...
(CISOPlatform Summit & SACON 2024) Workshop _ Most Dangerous Attack Technique...
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Incident Response .pdf
(CISOPlatform Summit & SACON 2024) Incident Response .pdf(CISOPlatform Summit & SACON 2024) Incident Response .pdf
(CISOPlatform Summit & SACON 2024) Incident Response .pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) GRC.pdf
(CISOPlatform Summit & SACON 2024) GRC.pdf(CISOPlatform Summit & SACON 2024) GRC.pdf
(CISOPlatform Summit & SACON 2024) GRC.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
Priyanka Aash
 
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Priyanka Aash
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
Priyanka Aash
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdf
Priyanka Aash
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
Priyanka Aash
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdf
Priyanka Aash
 
Keynote : Presentation on SASE Technology
Keynote : Presentation on SASE TechnologyKeynote : Presentation on SASE Technology
Keynote : Presentation on SASE Technology
Priyanka Aash
 
Keynote : AI & Future Of Offensive Security
Keynote : AI & Future Of Offensive SecurityKeynote : AI & Future Of Offensive Security
Keynote : AI & Future Of Offensive Security
Priyanka Aash
 
Redefining Cybersecurity with AI Capabilities
Redefining Cybersecurity with AI CapabilitiesRedefining Cybersecurity with AI Capabilities
Redefining Cybersecurity with AI Capabilities
Priyanka Aash
 
Demystifying Neural Networks And Building Cybersecurity Applications
Demystifying Neural Networks And Building Cybersecurity ApplicationsDemystifying Neural Networks And Building Cybersecurity Applications
Demystifying Neural Networks And Building Cybersecurity Applications
Priyanka Aash
 
Finetuning GenAI For Hacking and Defending
Finetuning GenAI For Hacking and DefendingFinetuning GenAI For Hacking and Defending
Finetuning GenAI For Hacking and Defending
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Kids Cyber Security .pdf
(CISOPlatform Summit & SACON 2024) Kids Cyber Security .pdf(CISOPlatform Summit & SACON 2024) Kids Cyber Security .pdf
(CISOPlatform Summit & SACON 2024) Kids Cyber Security .pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Workshop _ Most Dangerous Attack Technique...
(CISOPlatform Summit & SACON 2024) Workshop _ Most Dangerous Attack Technique...(CISOPlatform Summit & SACON 2024) Workshop _ Most Dangerous Attack Technique...
(CISOPlatform Summit & SACON 2024) Workshop _ Most Dangerous Attack Technique...
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Incident Response .pdf
(CISOPlatform Summit & SACON 2024) Incident Response .pdf(CISOPlatform Summit & SACON 2024) Incident Response .pdf
(CISOPlatform Summit & SACON 2024) Incident Response .pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) GRC.pdf
(CISOPlatform Summit & SACON 2024) GRC.pdf(CISOPlatform Summit & SACON 2024) GRC.pdf
(CISOPlatform Summit & SACON 2024) GRC.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
Priyanka Aash
 
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Priyanka Aash
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
Priyanka Aash
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdf
Priyanka Aash
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
Priyanka Aash
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdf
Priyanka Aash
 
Ad

Recently uploaded (20)

Bridging AI and Human Expertise: Designing for Trust and Adoption in Expert S...
Bridging AI and Human Expertise: Designing for Trust and Adoption in Expert S...Bridging AI and Human Expertise: Designing for Trust and Adoption in Expert S...
Bridging AI and Human Expertise: Designing for Trust and Adoption in Expert S...
UXPA Boston
 
Digital Technologies for Culture, Arts and Heritage: Insights from Interdisci...
Digital Technologies for Culture, Arts and Heritage: Insights from Interdisci...Digital Technologies for Culture, Arts and Heritage: Insights from Interdisci...
Digital Technologies for Culture, Arts and Heritage: Insights from Interdisci...
Vasileios Komianos
 
May Patch Tuesday
May Patch TuesdayMay Patch Tuesday
May Patch Tuesday
Ivanti
 
Understanding SEO in the Age of AI.pdf
Understanding SEO in the Age of AI.pdfUnderstanding SEO in the Age of AI.pdf
Understanding SEO in the Age of AI.pdf
Fulcrum Concepts, LLC
 
Best 10 Free AI Character Chat Platforms
Best 10 Free AI Character Chat PlatformsBest 10 Free AI Character Chat Platforms
Best 10 Free AI Character Chat Platforms
Soulmaite
 
AI and Meaningful Work by Pablo Fernández Vallejo
AI and Meaningful Work by Pablo Fernández VallejoAI and Meaningful Work by Pablo Fernández Vallejo
AI and Meaningful Work by Pablo Fernández Vallejo
UXPA Boston
 
Mastering Testing in the Modern F&B Landscape
Mastering Testing in the Modern F&B LandscapeMastering Testing in the Modern F&B Landscape
Mastering Testing in the Modern F&B Landscape
marketing943205
 
UiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptx
UiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptxUiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptx
UiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptx
anabulhac
 
Shoehorning dependency injection into a FP language, what does it take?
Shoehorning dependency injection into a FP language, what does it take?Shoehorning dependency injection into a FP language, what does it take?
Shoehorning dependency injection into a FP language, what does it take?
Eric Torreborre
 
Google DeepMind’s New AI Coding Agent AlphaEvolve.pdf
Google DeepMind’s New AI Coding Agent AlphaEvolve.pdfGoogle DeepMind’s New AI Coding Agent AlphaEvolve.pdf
Google DeepMind’s New AI Coding Agent AlphaEvolve.pdf
derrickjswork
 
AI and Gender: Decoding the Sociological Impact
AI and Gender: Decoding the Sociological ImpactAI and Gender: Decoding the Sociological Impact
AI and Gender: Decoding the Sociological Impact
SaikatBasu37
 
UX for Data Engineers and Analysts-Designing User-Friendly Dashboards for Non...
UX for Data Engineers and Analysts-Designing User-Friendly Dashboards for Non...UX for Data Engineers and Analysts-Designing User-Friendly Dashboards for Non...
UX for Data Engineers and Analysts-Designing User-Friendly Dashboards for Non...
UXPA Boston
 
AI needs Hybrid Cloud - TEC conference 2025.pptx
AI needs Hybrid Cloud - TEC conference 2025.pptxAI needs Hybrid Cloud - TEC conference 2025.pptx
AI needs Hybrid Cloud - TEC conference 2025.pptx
Shikha Srivastava
 
In-App Guidance_ Save Enterprises Millions in Training & IT Costs.pptx
In-App Guidance_ Save Enterprises Millions in Training & IT Costs.pptxIn-App Guidance_ Save Enterprises Millions in Training & IT Costs.pptx
In-App Guidance_ Save Enterprises Millions in Training & IT Costs.pptx
aptyai
 
Refactoring meta-rauc-community: Cleaner Code, Better Maintenance, More Machines
Refactoring meta-rauc-community: Cleaner Code, Better Maintenance, More MachinesRefactoring meta-rauc-community: Cleaner Code, Better Maintenance, More Machines
Refactoring meta-rauc-community: Cleaner Code, Better Maintenance, More Machines
Leon Anavi
 
Secondary Storage for a microcontroller system
Secondary Storage for a microcontroller systemSecondary Storage for a microcontroller system
Secondary Storage for a microcontroller system
fizarcse
 
Accommodating Neurodiverse Users Online (Global Accessibility Awareness Day 2...
Accommodating Neurodiverse Users Online (Global Accessibility Awareness Day 2...Accommodating Neurodiverse Users Online (Global Accessibility Awareness Day 2...
Accommodating Neurodiverse Users Online (Global Accessibility Awareness Day 2...
User Vision
 
Is Your QA Team Still Working in Silos? Here's What to Do.
Is Your QA Team Still Working in Silos? Here's What to Do.Is Your QA Team Still Working in Silos? Here's What to Do.
Is Your QA Team Still Working in Silos? Here's What to Do.
marketing943205
 
Who's choice? Making decisions with and about Artificial Intelligence, Keele ...
Who's choice? Making decisions with and about Artificial Intelligence, Keele ...Who's choice? Making decisions with and about Artificial Intelligence, Keele ...
Who's choice? Making decisions with and about Artificial Intelligence, Keele ...
Alan Dix
 
Dark Dynamism: drones, dark factories and deurbanization
Dark Dynamism: drones, dark factories and deurbanizationDark Dynamism: drones, dark factories and deurbanization
Dark Dynamism: drones, dark factories and deurbanization
Jakub Šimek
 
Bridging AI and Human Expertise: Designing for Trust and Adoption in Expert S...
Bridging AI and Human Expertise: Designing for Trust and Adoption in Expert S...Bridging AI and Human Expertise: Designing for Trust and Adoption in Expert S...
Bridging AI and Human Expertise: Designing for Trust and Adoption in Expert S...
UXPA Boston
 
Digital Technologies for Culture, Arts and Heritage: Insights from Interdisci...
Digital Technologies for Culture, Arts and Heritage: Insights from Interdisci...Digital Technologies for Culture, Arts and Heritage: Insights from Interdisci...
Digital Technologies for Culture, Arts and Heritage: Insights from Interdisci...
Vasileios Komianos
 
May Patch Tuesday
May Patch TuesdayMay Patch Tuesday
May Patch Tuesday
Ivanti
 
Understanding SEO in the Age of AI.pdf
Understanding SEO in the Age of AI.pdfUnderstanding SEO in the Age of AI.pdf
Understanding SEO in the Age of AI.pdf
Fulcrum Concepts, LLC
 
Best 10 Free AI Character Chat Platforms
Best 10 Free AI Character Chat PlatformsBest 10 Free AI Character Chat Platforms
Best 10 Free AI Character Chat Platforms
Soulmaite
 
AI and Meaningful Work by Pablo Fernández Vallejo
AI and Meaningful Work by Pablo Fernández VallejoAI and Meaningful Work by Pablo Fernández Vallejo
AI and Meaningful Work by Pablo Fernández Vallejo
UXPA Boston
 
Mastering Testing in the Modern F&B Landscape
Mastering Testing in the Modern F&B LandscapeMastering Testing in the Modern F&B Landscape
Mastering Testing in the Modern F&B Landscape
marketing943205
 
UiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptx
UiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptxUiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptx
UiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptx
anabulhac
 
Shoehorning dependency injection into a FP language, what does it take?
Shoehorning dependency injection into a FP language, what does it take?Shoehorning dependency injection into a FP language, what does it take?
Shoehorning dependency injection into a FP language, what does it take?
Eric Torreborre
 
Google DeepMind’s New AI Coding Agent AlphaEvolve.pdf
Google DeepMind’s New AI Coding Agent AlphaEvolve.pdfGoogle DeepMind’s New AI Coding Agent AlphaEvolve.pdf
Google DeepMind’s New AI Coding Agent AlphaEvolve.pdf
derrickjswork
 
AI and Gender: Decoding the Sociological Impact
AI and Gender: Decoding the Sociological ImpactAI and Gender: Decoding the Sociological Impact
AI and Gender: Decoding the Sociological Impact
SaikatBasu37
 
UX for Data Engineers and Analysts-Designing User-Friendly Dashboards for Non...
UX for Data Engineers and Analysts-Designing User-Friendly Dashboards for Non...UX for Data Engineers and Analysts-Designing User-Friendly Dashboards for Non...
UX for Data Engineers and Analysts-Designing User-Friendly Dashboards for Non...
UXPA Boston
 
AI needs Hybrid Cloud - TEC conference 2025.pptx
AI needs Hybrid Cloud - TEC conference 2025.pptxAI needs Hybrid Cloud - TEC conference 2025.pptx
AI needs Hybrid Cloud - TEC conference 2025.pptx
Shikha Srivastava
 
In-App Guidance_ Save Enterprises Millions in Training & IT Costs.pptx
In-App Guidance_ Save Enterprises Millions in Training & IT Costs.pptxIn-App Guidance_ Save Enterprises Millions in Training & IT Costs.pptx
In-App Guidance_ Save Enterprises Millions in Training & IT Costs.pptx
aptyai
 
Refactoring meta-rauc-community: Cleaner Code, Better Maintenance, More Machines
Refactoring meta-rauc-community: Cleaner Code, Better Maintenance, More MachinesRefactoring meta-rauc-community: Cleaner Code, Better Maintenance, More Machines
Refactoring meta-rauc-community: Cleaner Code, Better Maintenance, More Machines
Leon Anavi
 
Secondary Storage for a microcontroller system
Secondary Storage for a microcontroller systemSecondary Storage for a microcontroller system
Secondary Storage for a microcontroller system
fizarcse
 
Accommodating Neurodiverse Users Online (Global Accessibility Awareness Day 2...
Accommodating Neurodiverse Users Online (Global Accessibility Awareness Day 2...Accommodating Neurodiverse Users Online (Global Accessibility Awareness Day 2...
Accommodating Neurodiverse Users Online (Global Accessibility Awareness Day 2...
User Vision
 
Is Your QA Team Still Working in Silos? Here's What to Do.
Is Your QA Team Still Working in Silos? Here's What to Do.Is Your QA Team Still Working in Silos? Here's What to Do.
Is Your QA Team Still Working in Silos? Here's What to Do.
marketing943205
 
Who's choice? Making decisions with and about Artificial Intelligence, Keele ...
Who's choice? Making decisions with and about Artificial Intelligence, Keele ...Who's choice? Making decisions with and about Artificial Intelligence, Keele ...
Who's choice? Making decisions with and about Artificial Intelligence, Keele ...
Alan Dix
 
Dark Dynamism: drones, dark factories and deurbanization
Dark Dynamism: drones, dark factories and deurbanizationDark Dynamism: drones, dark factories and deurbanization
Dark Dynamism: drones, dark factories and deurbanization
Jakub Šimek
 

(Sacon) Sumanth Naropanth - IoT network & ecosystem security attacks & secure design

  • 1. Designing IoT Networks & Ecosystems to thwart low power communication protocol attacks Sumanth Naropanth & Nitin Lakshmanan DEEP ARMOR
  • 2. Agenda • Technical overview of an IoT/wearable ecosystem • Building blocks • Communication Protocols • Hands-on Exercises • IEEE 802.15.4/ZigBee • Bluetooth and BLE • AWS IoT Core • Security Development Lifecycle (SDL) overview
  • 3. Instructors • Nitin Lakshmanan • Security Analyst — Deep Armor • Aujas Networks, Aricent/Intel • Sumanth Naropanth • Founder and CEO — Deep Armor • Intel, Palm/HP, Sun Microsystems • Security consulting, vulnerability testing, SDL and training services for emerging technologies • www.deeparmor.com | @deep_armor
  • 5. Attacks on IoT products
  • 6. Gateway Weak Links Zigbee/Z-Wave/RF HTTP/S NB-IoT Cat M1 WiFi/BT/BLE/NFC/ANT+ HTTP/S - HW access - Secure Boot/FOTA - Crypto/Key Management - DARE - Node Spoofing - Node security requirements (see below) + - If (Rich OS), OS security - User Management - Secure Configuration - API security - Portal/UI security - Crypto/Key management - Container Security - Network security - Weaknesses in Wireless Standards - Side channel and timing attacks - Secure Provisioning - Secure Data Transmission - User/App Identification - Implementation weaknesses - Crypto - Crypto/Key Management Nod e Nod e Nod e Cloud (AWS/GCP/Azure/Private) - Secure Identification - Secure Debug - Secure Provisioning - Protocol attacks - Sensor value tampering WiFi/BT/BLE/NFC/ANT+
  • 7. Communication Channels Back End Services Gateway Gateway Node Node Node Node Node Node Sensors Sensors Sensors Sensors HTTP/HTTPS HTTP/HTTPS HTTP/HTTPS BT/BLE/WiFi/NFC/WiFi-Direct BT/BLE/NFC BLE/ANT+ Zigbee/Z-wave BLE/ANT+ Zigbee/Z-wave
  • 10. Zigbee • Low data rate wireless applications • Smart energy, medical, home automation, IIoT • Two bands of operation: 868/915MHz and 2450MHz • Simpler & less expensive than Bluetooth • 10-100m range • Zigbee Alliance
  • 11. Zigbee Security Model • Open Trust model (Device Trust Boundary) • Crypto protection • Network Key • Link Key (App Support Sublayer) • Secure key storage assumptions • Transmission of network key for new nodes • Hard-coded Trust Center Link Keys
  • 13. 802.15.4 • IEEE standard for low-rate wireless personal area networks (LR-WPANs) • 6LoWPAN for IPv6 over WPANs • Zigbee extends 802.15.4 (wrapper services) Application Presentation Session Transport Network Data Link Physical Logical Link Control Media Access Control
  • 14. Exercise 1a Generating & Analyzing IEEE 802.15.4 WSN packets (MAC Layer)
  • 16. Attacking WSN - Setup • IoT product simulator • Zigbee-like 802.15.4 based communication protocol • Packet sniffing, capture and injection • Goals: • Basic packet header formats • Security models for protecting comms • Hardware and software tools for packet sniffing & injection
  • 17. Setup Victim (Sender & Receiver) Attacker
  • 22. Outline HMAC (DA packet payload) HMAC (DD packet payload Manipulate Payload Sniff Inject Demo 2a
  • 24. Can we attack something else?
  • 26. Outline HMAC (DA packet payload) HMAC (DD packet payload) Manipulate SEQ NUM Sniff Inject Demo 2b
  • 27. Exercise 2 Manipulating the SEQ NUM header
  • 29. Outline HMAC (DA packet payload + headers) Manipulate SEQ NUM/payload HMAC (DD packet payload + headers) Sniff Inject Demo 3
  • 30. Hardening Wireless Sensor Networks • Integrity of the packet is maintained • HMAC implemented for integrity protection • With Cryptographic hash function like SHA256 • Key provisioning can be via many ways - DH, for example
  • 31. Bluetooth and Bluetooth Low Energy (BLE)
  • 32. GAP Defines how devices discover, connect and create bonding between them SMP Protocol for pairing and key distribution and authenticating other device Shared secrets can be managed and hence speed-up the reconnection process L2CAP Multiplexing layer for BLE GATT Describes characteristics, services and type of attributes/ their usage ATT Simple Client/ Server stateless protocol with rules for accessing data on a peer device Overview: Bluetooth Stack
  • 33. Intro to BLE • Wireless protocol for short range data exchange (~10 to 100 m) • Light-weight subset of classic Bluetooth with low power consumption • Operates in radio frequencies between 2.4 to 2.485 GHz • Managed by the Bluetooth Special Interest Group (SIG) • Use cases include wearable devices, smart pay systems, smart security systems etc
  • 34. BLE Security Pairing request Pairing response Establish STK based encryption Long term key ( LTK) agreement Encrypted Channel
  • 35. Pairing Algorithms Secure Simple Pairing • Just Works: very limited/ no user interface • Numeric Comparison: devices with display plus yes/no button • Passkey Entry: 6 digit pin as the pass key • Out Of Band: Use of an out of the band channel against MITM attacks
  • 36. Security weaknesses in BT/BLE • Security of the communication link depends on pairing algorithm • Eaves dropping on pairing mechanism compromises encryption keys • ‘Just works’ mode prone to MITM attacks • Apps (on the same phone as the companion app) snooping on encrypted BLE traffic – Let’s explore this!
  • 37. BT/BLE Security - Tools • Ubertooth • Bluefruit LE sniffer • NRFsniffer (Nordic BLE sniffer) • Ellisys sniffer
  • 38. BLE packet eavesdropping with Ubertooth
  • 39. Overview • Market products for fitness tracking • Use Bluetooth Low Energy • Packet sniffing, capture and cracking LE encryption • Goals: • BLE traffic eavesdropping • Tools to crack the basic security offered by BLE spec
  • 40. Setup
  • 41. Problems & Packet Injection • Multiple advertising channels (37, 38, 39) • Uncertainty —> 3 Ubertooths are better than 1 • Custom FW for packet injection
  • 42. Exercise 1 BLE Packet Analysis using Wireshark
  • 43. Understanding BLE pcaps • Protocol Data Unit • PDU length determines —> advertising packet or not •pdu_type == 5 [connection request by bluetooth device ]
  • 44. Exercise 2 Crackle - breaking LE encryption
  • 45. Stealing the LTK Pairing request Pairing response Establish STK based encryption Long term key ( LTK) agreement Encrypted Channel
  • 47. Options • Basic security- Switch on LE encryption • Crackle can break it! • Holistic Security — Application level encryption on top of network-level encryption • LE Privacy Mode
  • 49. BT/BLE problems with Android and iOS Device Commands: • Put device into recovery mode • Do a FW update • Change Device (BLE) name Notifications: • Social apps • Calls and texts Information: • User activity data • User profile updates • Application action (calls, music control) • Call/text/social updates (sometimes) ATTACKER
  • 50. Outline Activity Data, Notifications, etc. Commands, FOTA, etc. Step Count & Calories Demo X
  • 51. Root Cause All applications on Android and iOS can subscribe to the BT service and get the data on the same BT channels or BLE characteristics as the legitimate app • Android • android.permission.BLUETOOTH • android.permission.BLUETOOTH_ADMIN – quote: • iOS • Core Bluetooth (CB) Framework • Centrals (client/phone) and Peripherals (server/wearable) classes
  • 53. Outline Activity Data, Notifications, etc. Commands, FOTA, etc. Encrypted (Step Count, Distance & Calories) LTK-encrypted Decrypted (Step Count, Distance & Calories)
  • 54. LTK-Encryption What happened there? Decrypted (Step Count, Distance & Calories) Decrypted ((Encrypted(Step Count, Distance & Calories)) LTK-Encrypted (Step Count, Distance & Calories) Wrapper Service B Wrapper Service A Encryption BLE Link Layer
  • 55. Challenges • Multiple mobile devices per device • Key provisioning and OOBE exposure • Solution • Use the Cloud
  • 57. What is it? • Managed cloud service for connected devices to interact with cloud applications • Connect and manage devices • Secure the communication • Process and Act • Monitor
  • 58. Demo & Exercise • Setup AWS IoT core Policy Thing Certs IoT Device Simulat or MQTT • Creating Policy/Thing/Certificates and attaching them to certificate • Run IoT device simulators from laptops • Observe traffic in Wireshark
  • 59. Topics of Interest • Review of overly permissive policies • Wild card should be avoided [iot : *] • iot:Publish/UpdateJobExecution/GetThingShadow • Must specify ARN of resource [wildcard * should not be used]
  • 60. Topics of Interest • AWS forces MQTT over TLS • All traffic to and from AWS IoT must be encrypted over Transport Layer Security (TLS). • AWS Authentication • X.509 certificates • IAM users, groups, and roles • Amazon Cognito identities • Federated identities
  • 62. Need for SDL • Next-gen SDL • For IoT, wearable and cloud technologies. • Especially when they all come together • Ecosystem security • Agile • Security, Privacy and Legal woven into the development cycle • Leveraging industry standards
  • 63. Security Architecture, Privacy Requirements Threat Modeling, Attack Trees & Data Access Reviews Focused Security Code Reviews & Privacy Planning Fuzzing, Penetration Testing, Privacy Sign-off Fix verification, Incident Response Planning Delta Security Assessment, Security for Continuous Integration/Deliv ery Program Conception Design Implementation Pre-Launch Deployment Maintenance Reviews Reviews & Reports Reports Resolution & Sign-off Reports IoT Mobil e Cloud Security Development Lifecycle Approach
  • 65. Challenges: Securing a never- before gadget • Lack of tactical SDL frameworks for rapid time-to-market products with constantly evolving requirements • Diverse, non-standard and evolving communication protocols • Weaknesses in adoption of protocol specifications • Long lives for IoT products • Privacy • Nascent research in IoT security
  • 66. Challenges - Technical • Collection of personal data and PII is higher • Geo-location information • Biometric data • Sensor data • Payment services • Limited SW stack —> security may get compromised • Often FW running on micro-controllers • Field updates are difficult • Asymmetric key crypto, TEEs, etc. are heavy • Multi-tier, multi-tenant product architecture • Cross-domain flows • Multiple exposure points as a consequence
  • 67. Privacy • Why worry? • Global Markets • Country-specific guidelines • Ecosystems and overlapping policies
  • 68. Summary • Plethora of protocols (and standards) • Custom hardware & software for IoT comms penetration testing • RZUSBStick works great. Also, APImote • Not much else • BT/BLE sniffing is still sketchy • SDL/SPDL and Shift-left Mobil e Clou d IoT devic e Communicatio n channel
  • 69. www.deeparmor.com | @deep_armor | services@deeparmor.com SDL Vulnerability Assessments Security Consulting Trainings
  翻译: