A bunch of problems, no solutions Wade Trappe WHAT DO YOU THINK OF - - PowerPoint PPT Presentation

a bunch of problems no
SMART_READER_LITE
LIVE PREVIEW

A bunch of problems, no solutions Wade Trappe WHAT DO YOU THINK OF - - PowerPoint PPT Presentation

Jul 14, 2023 101 likes •392 views

IoT Security Challenges: A bunch of problems, no solutions Wade Trappe WHAT DO YOU THINK OF WHEN YOU HEAR INTERNET OF THINGS ? WINLAB Fitbit WINLAB Zeo sleep manager WINLAB Smart home Nest, WallyHome, Dropcam, Ivee, Rachio

slide-1
SLIDE 1

IoT Security Challenges: A bunch of problems, no solutions…

Wade Trappe

slide-2
SLIDE 2

WINLAB

WHAT DO YOU THINK OF WHEN YOU HEAR “INTERNET OF THINGS”?

slide-3
SLIDE 3

WINLAB

Fitbit

slide-4
SLIDE 4

WINLAB

Zeo – sleep manager

slide-5
SLIDE 5

WINLAB

Smart home – Nest, WallyHome, Dropcam, Ivee, Rachio

slide-6
SLIDE 6

WINLAB

UAV

slide-7
SLIDE 7

WINLAB

Smartphone, laptop, tablet

slide-8
SLIDE 8

WINLAB

Low-end devices: RFID tags, small sensors …

slide-9
SLIDE 9

WINLAB

Smart vehicle & Self-driving cars

slide-10
SLIDE 10

WINLAB

The IoT is really about “DATA”

 SMART is about the DATA and closing the loop!!!

+ Needs…

We need security to protect the loop!

slide-11
SLIDE 11

WINLAB

IoT Architecture

IoT Middleware

Application Plane Network Plane Physical Plane Devices Apps Future Internet Infrastructure Context Search Aggregator World Model Computational Plane Solver Edge Router/ Gateway Info.  Context-ware Middleware

slide-12
SLIDE 12

WINLAB

IoT Architecture

 Four-plane Context

– Physical (Device) Plane

 Context determined by devices physical attribute such as:

 Device Name, Device Type, Device Value, Device Location, etc.

– Networking Plane

 Context determined by the network attribute such as:

Network Service Type (Stream, Linked-data), Bandwidth, Connectivity, etc.

– Computational/Middleware Plane

 Filtering, processing, grouping, presentation, etc.  Lives to serve the Application Plane

– Application Plane

 Context determined by attributes mentioned above and

application requirement such as : “Find the nearest cap”, “Find all the WINLAB rooms with temperature above 25 ° C”’

slide-13
SLIDE 13

WINLAB

BEING EVIL IS GOOD LET US LOOK AT SECURITY

slide-14
SLIDE 14

WINLAB It is important to examine the security problem according to the information flows and potential adversarial points of control

Internet

Smart Homes

Publishing Subscribing

Sensors Routers IoT Server IoT Applications IoT Gateway

Publishing

Smart Grid Sensors IoT Gateway Smart Healthcare Sensors IoT Gateway

API API API

Publishing

Adversary alters a sensor to report false readings Adversary attacks communication conduit between server and applications Adversary acts as a false application attempting to access information not intended for it Adversary creates a spoofing sensor to the system Adversary monitors sensor readings to track customer usage

slide-15
SLIDE 15

WINLAB

Can’t we just call TLS and go home?

 Unfortunately no…

– Many devices won’t have the resources needed to support cryptographic mechanisms (I’m sorry, you want an X.509 what?)

 We’re not too worried about securing your well-resourced Tablet, etc!

– Many communication flows will be one-directional (how can you complete TLS Handshake without a hand to shake?) – Many of the attacks exist “outside” the network (Here is an encrypted 10000 degree Kelvin reading…)

 Perhaps you can use IPSEC/TLS between the gateway and the server, but what

about the sensor to the gateway?

TCP IP/IPSEC HTTP FTP SMTP TCP IP HTTP FTP SMTP SSL/TLS TCP IP S/MIME PGP UDP Kerberos SMTP SET HTTP

At the Network Level At the Transport Level At the Application Level

slide-16
SLIDE 16

WINLAB

More IoT Security Challenges

 New security challenges brought by IoT

– Extending the virtual network to the real world brings many legal and security/privacy issues.

 Ubiquitous devices monitor everything causing privacy concerns.  Data is everywhere, acting upon that data is dangerous since you don’t

know its source!

– Highly distributed nature:

 It is difficult to manage the large number of distributed devices.  Sensors and devices may be distributed in public areas unprotected, thus

are vulnerable to physical attacks.

– Limited-function embedded devices

 Constraints: power, computation capability, storage etc.  Most of the communications are wireless, which makes attacks (e.g.

eavesdropping, jamming) simple.

 Some types of devices (e.g. passive RFID tags) are unable to provide

authentication or data integrity.

[21]

slide-17
SLIDE 17

WINLAB

There is a low-end to the IoT… it will be hard to secure!

 Let’s compare a Samsung S5

– 2.5GHz quadcore processor – 2 GB of RAM – 128GB SD card – 38kJ battery that is recharged daily – Can run 10 hours of web browsing before being recharged

 With a low-end IoT Tag

– 16-bit processor – Running at 6MHz – 512 bytes storage – 16KB flash for program – Must run for about 10000 hours on a coin cell battery with less than 1/15th the energy of the phone

Take-away: Don’t worry about (some aspects) the high-end of the IoT…

slide-18
SLIDE 18

WINLAB

But I don’t believe you, what about the Green Whatever movement… pg 1.

 Let’s take a minute and talk energy, technology advancement

and the green movement…

– Our devices have limitations… – Much better batteries are not coming

 (Aka, bond energy is not a Moore’s Law phenomena!)

– Energy harvesting is being touted as a solution to our energy problems… but how much can they really harvest? – Lightweight crypto is either questionable or not light enough…

 Next few slides, I’ll attempt to make the case…

Take-away: Please don’t believe the hype…

slide-19
SLIDE 19

WINLAB

There’s plenty of energy and computing available… not true!

Lifecycle of a typical IoT device

– Sense and read data from memory – Frame data into a packet – Move packet from processor to radio – Power up radio – Stabilize and calibrate radio to meet frequency regulations – Transmit!

TI MSP430 16-bit microcontroller, CC1150 Radio

– The MSP430 requires 1mA to operate – The radio requires 23mA to broadcast at 6dBm – Example: 14byte packet at 250kbps requires 448 msec, requires 32.3 mJ – Coin cell battery has about 2-3 kJ of stored energy – Allows only about 20000 operations to perform non-essential (security) operations

Lightweight TLS needs 16M operations

slide-20
SLIDE 20

WINLAB

 Batteries are a mature technology with centuries of engineering behind them.  Over past several decades, improvement at about 7% per year  There are only a limited number of elements in the periodic table and their

potentials have long been known

 We are already using some of the highest energy density materials available

Green Batteries? Not going to happen… this ain’t your typical Moore’s Law phenomena, pg 3.

slide-21
SLIDE 21

WINLAB

 Harvest energy from the environment– manmade or natural  RF energy harvesting (e.g. passive RFID)

– Tag collects the energy, converts it to DC to power microprocessor and RF – Fundamental constraint: radio energy decreases in density by – Example: 4Watts of power emitted by a basestation can support distances of 3meters for an IoT tag in a environment

 100W gives 10 meters… far in excess of safe and legal exposure!

 Photovoltaics

– At high noon on a clear (summer) day, 100 mW/cm2 provided by the sun – Photovoltaic cells have an efficiency of (roughly) 1% to 25% – Practical limitations: shadows, clouds, nighttime, dust accumulation, etc… – Example: NYC average solar energy in winter is 12 mW/cm2 for a cell aimed at sun – Reality check: IoT devices will experience shadows, will not be kept clean, will have rechargeable battery leakage, etc…

Green Harvesting? Maybe in an ideal world, but the world is not ideal!, pg 4.

2

1 r

3

/ 1 r

slide-22
SLIDE 22

WINLAB

OK, no Green Panacea… so where can we secure the IoT? Three Plane Approach

Things IoT Middleware Future Internet Applications Device-level Security IoT Middleware Security Network Security

We can introduce security here… and here… and here…

slide-23
SLIDE 23

WINLAB

Three Planes for Security

Device-level: – To prevent data modification (while it is stored in the device), memory is protected in most RFID tags, such as EPCglobal Class-1 Generation-2 and ISO/IEC 18000–3 tags – Lightweight cryptography between devices and the aggregator:

 CLEFIA (ISO/IEC 29192) is a 128-bit blockcipher or SIMON/SPECK: NSA recent recommendation for

lightweight crypto

 Caveat Emptor!!!

– Reuse functionality and other information for security (anomaly detection) purposes: Physical layer, traffic statistics, etc.

Network: – Between gateways and servers, utilize conventional network security protocols (TLS!) – Future Internet semantic/content-centric networking can provide privacy – In-network caching can ride out DoS.

Middleware, or “the data computation layer”:

– Analyze the data you get, look for outliers and suspicious data, send warnings!

For the sake of the discussion, I won’t worry about where you put these modes… some will be at device to gateway, some will be in the backend cloud

New forms of security can exist outside of the crypto!!! This is Forensics!

slide-24
SLIDE 24

WINLAB

 So lets put it together in a story/case-study  Call it the “Indiana Jones Attack!”

NETWORK

`

TAGGED ASSETS BASE-STATION BACK-END

Hard problem, case study: Thwarting an Indiana Jones Attack… still research to be done!

slide-25
SLIDE 25

WINLAB

0.00 1.00 2.00 3.00 4.00 5.00 6.00 7.00 8.00 20 40 60 80 100 120 140 160

Mobility Score

Seconds Tag 8e Mobile Tag 77 Stationary Tag 3B Mobile Threshold

Thwarting an Indiana Jones Attack: Mobility Detection Using Active IOT Tags

Localization turned out to be hard, but detecting movement was not!

slide-26
SLIDE 26

WINLAB

Putting it all together case study: Thwarting an Indiana Jones Attack, it doesn’t quite work (yet!!!)

 Let’s return to the Indiana Jones

Attack…

– Even if item is immobile, a quick imposter can replicate its radio signals

 Problem:

– Replacement events (“Indiana Jones” attacks) cause variations in signal strength that are similar to those seen from immobile transmitters when people are moving close by. – Replacement events would only rarely be detected as mobility events.

 We need better “forensics” tools!

slide-27
SLIDE 27

WINLAB

Placing security in the middleware: study the actual data to find anomalous activity

 We have (lots of) data and physical

phenomena on our side… – Data analytics can allow us to look for and use correlations to validate the Process of Measurement (POM):

 Identify anomalous data  Tag data with quality assessments

using historical or physical phenomena

– Temporal Consistency Checking – Multimodal Consistency Checking

 Use physics and correlations

 Data analytics needed for forensics and

analysis can get fancy (and fun!) very fast!

 

    

1

:

n n n

X X X

slide-28
SLIDE 28

WINLAB

Will Allow…

Wrapping it up… Securing the IoT will involve a lot of data analysis– at different locations within the system

 Standard security protects only some aspects  Data analysis and forensics will flag anomalous events and

protect the applications being built upon IoT

DATA Forensics Algorithms