
CS573_Presentation


Page 1: CS573_Presentation

Internet of Things (IoT)

Presented by: Sonal Mehta, Jitendra Purohit, Jayshree Kanse, Shaoliang Zhong, Sanjana Brid, Dhruvin Patel

Page 2: CS573_Presentation

Agenda

• What is IoT?

• Infrastructure

• Threats to Devices

• Botnet Attack

• Stuxnet

• Case Study

Page 3: CS573_Presentation

Definition

IoT is an evolution of mobile, home and embedded applications that are being connected to the internet, integrating greater compute capabilities and using data analytics to extract meaningful information.

Page 4: CS573_Presentation

IoT Characteristics

• Dynamic and Self-Adapting

• Self-Configuring

• Interoperable Communication Protocols

• Unique Identity

• Integrated into Information Network

Page 5: CS573_Presentation

Infrastructure


Page 6: CS573_Presentation

Why Infrastructure?

• IoT is all about devices and apps.

• IoT needs a strong backbone! Why?

• Because it is the behind-the-scenes infrastructure that ultimately enables and powers the end user.

• Example: Smart Parking System

Page 7: CS573_Presentation

Here Comes the RISK

More and more devices get connected online every day, with approximately 9 billion devices already in use. With weak or almost no security, these devices can easily fall victim and be turned into a bot, which can then be controlled and used to attack anything!

Example: Distributed Denial of Service attack.

Page 8: CS573_Presentation

Infrastructure Security

• Distribute and de-risk. It is more difficult to carry out an attack when the target is not centrally located. This reduces the risks from DDoS or service interruptions.

• Ensure that default IDs and privileged accounts on each system are changed, protected, and audited.

• Keep privileged accounts at a minimum and use a PAM solution.

• Use and adopt a least privilege model.

• Make sure sensitive systems are air-gapped and access is heavily controlled.

• Adopt a whitelisting approach and a trusted computing model for systems which run specific applications or tasks.

• Keep applications and systems up to date.

Page 9: CS573_Presentation

Threats to Devices

• We can sort potential attacks against the Internet of Things into three primary categories based on the target of the attack: attacks against a device, attacks against the communication between devices and masters, and attacks against the masters.

• Attacks against IoT Devices: To a potential attacker, a device presents an interesting target for several reasons. First, many of the devices will have an inherent value by the simple nature of their function.

• Best Practice: Securing the Internet of Things requires device ID certificates to be issued to each device at the point of manufacturing to establish identity and facilitate authentication to services and other devices.

• Attacks against Communications: A common method of attack involves monitoring and altering messages as they are communicated. The volume and sensitivity of data traversing the IoT environment make these types of attacks especially dangerous, as messages and data could be intercepted, captured, or manipulated while in transit.

• Best Practice: As sensitive data travels through the cloud and IoT environment, it should be encrypted to prevent interception.

Page 10: CS573_Presentation

Threats to Devices

• Attacks against the Master of Devices

• For every device or service in the Internet of Things, there must be a master. The master’s role is to issue and manage devices, as well as facilitate data analysis. Attacks against the masters (including manufacturers, cloud service providers, and IoT solution providers) have the potential to inflict the most harm. These parties will be entrusted with large amounts of data, some of it highly sensitive in nature.

• Best Practice: Sign firmware/software updates with digital certificates (code signing). Additionally, all communication with devices in the field should use SSL certificates.
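The code-signing practice above, sketched as an added example (not part of the original slides): the device checks the vendor's signature and rejects rollbacks before installing an update. The `Update` layout and function names are hypothetical, and a pinned Ed25519 public key stands in for the certificate chain a production device would validate.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

type Update struct { // hypothetical package format
	Version    uint32
	Image, Sig []byte
}

// DemoKeys returns a throwaway key pair constructed for this example.
func DemoKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return pub, priv
}

// signedBytes binds the version to the image so neither can be swapped alone.
func signedBytes(version uint32, image []byte) []byte {
	buf := make([]byte, 4, 4+len(image))
	binary.BigEndian.PutUint32(buf, version)
	return append(buf, image...)
}

// SignUpdate runs on the vendor's build server, never on the device.
func SignUpdate(priv ed25519.PrivateKey, version uint32, image []byte) Update {
	return Update{version, image, ed25519.Sign(priv, signedBytes(version, image))}
}

// VerifyUpdate runs on the device before flashing; nil means safe to install.
func VerifyUpdate(pinned ed25519.PublicKey, installed uint32, u Update) error {
	if !ed25519.Verify(pinned, signedBytes(u.Version, u.Image), u.Sig) {
		return fmt.Errorf("signature check failed for version %d: refusing to install", u.Version)
	}
	if u.Version <= installed {
		return fmt.Errorf("rollback rejected: version %d is not newer than %d", u.Version, installed)
	}
	return nil
}

func main() {
	pub, priv := DemoKeys()
	u := SignUpdate(priv, 7, []byte("constructed firmware image"))
	fmt.Println("genuine:", VerifyUpdate(pub, 6, u))
	u.Image[0] ^= 0xff // simulate a byte changed in transit
	fmt.Println("tampered:", VerifyUpdate(pub, 6, u))
}
```

Because the version is covered by the signature, an attacker who replays an older, validly signed image is stopped by the rollback check rather than by the signature check.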

Page 11: CS573_Presentation

Key IoT security challenges

A trillion points of vulnerability

• Every single device and sensor in the IoT represents a potential risk. How confident can an organization be that each of these devices has the controls in place to preserve the confidentiality of the data collected and the integrity of the data sent?

• One weak link could open up access to hundreds of thousands of devices on a network with potentially serious consequences.

Trust and data integrity

• Corporate systems will be bombarded by data from all manner of connected sensors in the IoT. But how sure can an organization be that the data has not been compromised or interfered with?

• Security must be built into the design of these devices and systems to create trust in both the hardware and the integrity of the data.

Data collection, protection and privacy

• The vision for the IoT is to make our everyday lives easier and boost the efficiency and productivity of businesses and employees. The data collected will help us make smarter decisions. But this will also have an impact on privacy expectations. If data collected by connected devices is compromised, it will undermine trust in the IoT. Trust is the foundation of the IoT and that needs to be underpinned by security and privacy.

Page 12: CS573_Presentation

Five categories of IoT devices at risk

• In-Car Wi-Fi

• Health Applications / Mobile Medical Devices

• Wearable Devices, Google Glass

• Retail Inventory Monitoring and Control, M2M

• Drones (unmanned aircraft) for domestic (non-military) use

Page 13: CS573_Presentation

DDoS - IoT Attack in Action

Date: October 21st, 2016

Time: 7 a.m.

Location: the East Coast of America

Target: Dyn, the DNS service

Damage: Twitter, GitHub, Spotify, New York Times, …

Data: 3 waves, 100 000 botnet nodes, 1.2 Tbps traffic

Source: Russia? China? WikiLeaks? - Mirai

Page 14: CS573_Presentation

Mirai

“Mirai is malware that turns computer systems running Linux into remotely controlled "bots", that can be used as part of a botnet in large-scale network attacks” - Wikipedia

Target: IoT devices (webcams, routers)

Loophole: unchanged default username and password

[Diagram: CNC, IPs, bots, scan, report, attack, targets; attack traffic types HTTP, TCP, UDP, GRE]
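On the defensive side, the default-credential loophole leaves a recognisable trace in authentication logs. This added example (not from the original slides) flags a source that fails logins on several distinct accounts and records whether a login then succeeded; the log format, addresses and account names are constructed for illustration.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Constructed telnet auth log; the line format is an assumption of this example.
const sampleLog = `07:00:01 telnet FAIL src=203.0.113.5 user=root
07:00:02 telnet FAIL src=203.0.113.5 user=admin
07:00:03 telnet FAIL src=203.0.113.5 user=support
07:00:04 telnet OK src=203.0.113.5 user=guest
07:03:10 telnet FAIL src=198.51.100.7 user=alice`

type Finding struct {
	Src      string
	Users    int  // distinct accounts with a failed login
	Breached bool // a login succeeded after the threshold was reached
}

// DetectSweeps flags sources with failed logins on minUsers or more distinct accounts.
func DetectSweeps(log string, minUsers int) []Finding {
	seen, count, hit := map[string]bool{}, map[string]int{}, map[string]bool{}
	for _, line := range strings.Split(log, "\n") {
		f := strings.Fields(line)
		if len(f) != 5 || f[1] != "telnet" {
			continue // not in the assumed format
		}
		src, key := strings.TrimPrefix(f[3], "src="), f[3]+" "+f[4]
		if f[2] == "FAIL" && !seen[key] {
			seen[key] = true
			count[src]++
		} else if f[2] == "OK" && count[src] >= minUsers {
			hit[src] = true // success right after a sweep: treat the device as compromised
		}
	}
	var out []Finding
	for src, n := range count {
		if n >= minUsers {
			out = append(out, Finding{src, n, hit[src]})
		}
	}
	sort.Slice(out, func(i, j int) bool { return out[i].Src < out[j].Src })
	return out
}

func main() {
	fmt.Println(DetectSweeps(sampleLog, 3))
}
```

A single mistyped login, like the second source in the sample, stays below the threshold and is not reported.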

Page 15: CS573_Presentation

Fun Facts

/mirai/bot/scanner.c

Products of Chinese manufacturers

Page 16: CS573_Presentation

Fun Facts

/mirai/cnc/admin.go

Google Translate says they are “user” and “password” in Russian

Page 17: CS573_Presentation

Stuxnet

• Stuxnet is a malicious worm that was targeted at a specific manufacturing facility. It was called the most complex worm at the time of its discovery.

• Average viruses are about 10k bytes in size. Stuxnet was 500 KB.

• Stuxnet exploited four zero-day vulnerabilities.

[Figure: USB Infection Vectors]

Page 18: CS573_Presentation

How was it Detected?

• One of VirusBlockAda's customers in Iran had been experiencing a number of BSOD failures and wanted help finding the cause.

• Research into that problem led to the discovery of the virus.

Page 19: CS573_Presentation

How does it Spread?

• The Stuxnet version discovered in June 2010 initially spread through flash drives. A *.lnk file on the flash drive contains a reference to a file (expected to be an icon).

• Once the virus is uploaded and running, it hides the .lnk and source files. Stuxnet can use Windows shared folders to propagate itself over a local network. It places a dropper file on any shares on remote computers, and schedules a task to execute it.

Page 20: CS573_Presentation

Case Study - Cisco on IoT Security

Vectors on Attack in IoT

Page 21: CS573_Presentation

Fog Computing

• Introduced by Cisco Systems for IoT

• Extends cloud computing services to the edge of the network and closer to the ground

• Moves from a central to a distributed approach

• Analysis/filtration of data is done by fog nodes

• Improves security using Cisco fog data services

Page 22: CS573_Presentation

Cisco IoT Platform Architecture

Cisco Computing Blog

Page 23: CS573_Presentation


Thank You!