cybersecurity and the internet of things
play

Cybersecurity and the Internet of Things Week 9 Frank Chen | - PowerPoint PPT Presentation

Jul 08, 2023 •279 likes •737 views

Many of the appliances that we use today are connected to the Internet CS 88S Cybersecurity and the Internet of Things Week 9 Frank Chen | Spring 2017 Frank Chen | Spring 2017 Agenda Review week 7's material Smart Transportation

  1. Many of the appliances that we use today are connected to the Internet CS 88S Cybersecurity and the Internet of Things Week 9 Frank Chen | Spring 2017 Frank Chen | Spring 2017

  2. Agenda ● Review week 7's material ● Smart Transportation ● Healthcare Devices ● Smart Assistants ● Home Appliances ● MIRAI DDoS Attack Frank Chen | Spring 2017

  3. Agenda ● Review week 7's material ● Smart Transportation ● Healthcare Devices ● Smart Assistants ● Home Appliances ● MIRAI DDoS Attack Frank Chen | Spring 2017

  4. Tech Companies or Ad Companies? "Mobile now makes up 84 % of ad revenue" Source: http://tcrn.ch/2ktzjFU "Alphabet's revenue hit $21.5 billion, a 21 percent year-over-year increase. Of that revenue, $19.1 billion came from Google's advertising business" Source: http://bit.ly/2rf5Boe Frank Chen | Spring 2017

  5. Amazon Go's 3 Steps Make a video Get the Patents Prove then Wait Source: http://bit.ly/2iBsBxh Frank Chen | Spring 2017

  6. The Invisibility Cloak Image Source: http://bit.ly/2qZpIKA Frank Chen | Spring 2017

  7. A Cool Demo from CTF Frank Chen | Spring 2017

  8. Agenda ● Review week 7's material ● Smart Transportation ● Healthcare Devices ● Smart Assistants ● Home Appliances ● MIRAI DDoS Attack Frank Chen | Spring 2017

  9. Jeep Cherokee Frank Chen | Spring 2017 Source: jeep.com

  10. Remote Jeep Hack ● Zero-day exploit on Jeep Cherokees ● Attackers obtain wireless control, via the Internet, to any Jeep Cherokees Frank Chen | Spring 2017 For detailed explanation of the hack: http://bit.ly/2rdUL2Q

  11. UConnect Frank Chen | Spring 2017 Source: http://bit.ly/1ZcoZgH

  12. Hack Outline Send commands Rewrite through CAN bus to Exploit UConnect's Entertainment car's physical vulnerability to Hardware Chip components gain access Firmware (engines, wheel) Frank Chen | Spring 2017 Source: http://bit.ly/1ZcoZgH

  13. Steer Fast! Frank Chen | Spring 2017 Source: http://bit.ly/2aIa3ae

  14. Remote Jeep Hack Chrysler has issued a recall for 1.4 million vehicles as a result of Miller and Valasek’s research. The Message: Automakers need to be held accountable for their vehicles’ digital security. Frank Chen | Spring 2017 Source: http://bit.ly/1ZcoZgH

  15. Agenda ● Review week 7's material ● Smart Transportation ● Healthcare Devices ● Smart Assistants ● Home Appliances ● MIRAI DDoS Attack Frank Chen | Spring 2017

  16. Frank Chen | Spring 2017 Source: viastara.com

  17. Fitbit Data Dump "Cybercrime takes many forms, but one of the more insidious and perhaps less obvious manifestations is warranty fraud" - Brian Krebs Frank Chen | Spring 2017 Source: http://bit.ly/1nd7QGu

  18. Fitbit Hacked 1. Infect Fitbit with malware 2. Discover device & sync Malicious Computer 3. Inject payload into host Host Computer Frank Chen | Spring 2017 Source: http://bit.ly/2r5xfqq

  19. Agenda ● Review week 7's material ● Smart Transportation ● Healthcare Devices ● Smart Assistants ● Home Appliances ● MIRAI DDoS Attack Frank Chen | Spring 2017

  20. Frank Chen | Spring 2017 Source: qz.com

  21. How many are there? Siri Amazon Alexa Google Home Frank Chen | Spring 2017

  22. Alexa Demo Frank Chen | Spring 2017 Source: qz.com

  23. Incidents ● Dollhouse Incident ( http://bit.ly/2iUuaWW ) ● Connectivity Issues ( http://bit.ly/2fwb2L7 ) ● Amazon Alexa Murder Case (http://bit.ly/2luUdlK) Frank Chen | Spring 2017

  24. Preview for next week... "Do you have to give informed consent to be recorded each time you enter my Alexa-outfitted home?" Frank Chen | Spring 2017 Source: http://bit.ly/2luUdlK

  25. Preview for next week... "Google will share your information with companies, organizations, and individuals outside of Google if Google has a good-faith belief that access, use, preservation, or disclosure of the information is reasonably necessary to meet applicable law, regulation, legal process, or enforceable government request." Frank Chen | Spring 2017 Source: http://bit.ly/2luUdlK

  26. Agenda ● Review week 7's material ● Smart Transportation ● Healthcare Devices ● Smart Assistants ● Home Appliances ● MIRAI DDoS Attack Frank Chen | Spring 2017

  27. Frank Chen | Spring 2017 Source: nest.com

  28. Appliances Nest Thermostat Lorex Home Security Wink, TCP connected lighting system Blossom, smart August, smart water sprinkler door lock Samsung Smart Fridge Frank Chen | Spring 2017

  29. Secure? Or nah Frank Chen | Spring 2017 Source: http://bit.ly/2mkgTtn

  30. Security Issues ● Confidential Information ● Monetary Damage ● Physical Danger Frank Chen | Spring 2017 Source: wired.com

  31. Agenda ● Review week 7's material ● Smart Transportation ● Healthcare Devices ● Smart Assistants ● Home Appliances ● MIRAI DDoS Attack Frank Chen | Spring 2017

  32. Frank Chen | Spring 2017 Source: wired.com

  33. Review: DDoS Attack Frank Chen | Spring 2017 Source: wired.com

  34. Accessibility C I A Frank Chen | Spring 2017 http://tcrn.ch/2dt8sHy

  35. Frank Chen | Spring 2017 Source: bleepingcomputers.com

  36. Timeline of Events A second attack was reported at 11:52am and At 6:11pm, Dyn Internet users began First attack began at reported that they had reporting difficulties 7:00am (EDT) resolved the issue accessing websites Resolved by 9:20am A third attack began in the afternoon, after 4:00pm October 21, 2016 Frank Chen | Spring 2017 Source: krebsonsecurity.com

  37. Affected Websites Frank Chen | Spring 2017 Source: wired.com

  38. The MIRAI Virus ● Call-Home System connects to a command-and-control server (which could be another insecure ○ IoT device) to download details of whom to attack, and how. ● Set of Attack Routines generate a range of legitimate-looking streams of network traffic to eat ○ away at the victim’s network capacity. ● Network Scanner searches on the internet & try to login in various ways to build and report a ○ list of insecure IoT devices for the next wave of attacks. Frank Chen | Spring 2017 Source: http://bit.ly/2dLMyev

  39. The MIRAI Virus Open Source: https://github.com/jgamblin/Mirai-Source-Code Frank Chen | Spring 2017 Source: http://bit.ly/2dLMyev

  40. The MIRAI Virus Written in Go for Cross-Platform Support Frank Chen | Spring 2017 Source: http://bit.ly/2dLMyev

  41. The MIRAI Virus Uses built-in default passwords ... Frank Chen | Spring 2017 Source: http://bit.ly/2dLMyev

  42. Recommendations ● Don't use hardwired passwords ● Don't set default passwords ● Don’t allow unauthenticated or unencrypted protocols for inbound connections ● Don’t open administrative connections on the outside interface by default. Frank Chen | Spring 2017 Source: http://bit.ly/2dLMyev

  43. S�f��� �� ��� C���� T�� Do not use default password and username in IoT devices. Frank Chen | Spring 2017

  44. Next Week... Project DUE! Frank Chen | Spring 2017 Image Source: http://bit.ly/2pIoWQW

  45. Next Week... Frank Chen | Spring 2017

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Regulating Information: Cybersecurity, Internet of Things, & Exploding Rules David

Regulating Information: Cybersecurity, Internet of Things, & Exploding Rules David

Regulating Information: Cybersecurity, Internet of Things, & Exploding Rules David Bodenheimer Evan Wolff Kate Growley Regulating Information The Internet of Things: Peering into the Future Cybersecurity & New Regulations

627 views • 28 slides
The Internet of Things Afloat by Digital Yacht What is the Internet of Things ? The

The Internet of Things Afloat by Digital Yacht What is the Internet of Things ? The

The Internet of Things Afloat by Digital Yacht What is the Internet of Things ? The Internet of Things (IoT ). A proposed development of the Internet in which everyday objects have network connectivity, allowing them to send

575 views • 24 slides
Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado

Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado

Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado Network vs. Internet a network is a system of computers that talk over some communication medium: phone line (analogue modem, DSL), cable,

957 views • 47 slides
The Internet of Things Niels Olof Bouvin 1 Overview What is the Internet of Things? The vision

The Internet of Things Niels Olof Bouvin 1 Overview What is the Internet of Things? The vision

The Internet of Things Niels Olof Bouvin 1 Overview What is the Internet of Things? The vision Domains of the Internet of Things The challenges RFID 2 What is the Internet of Things? (CERP-IoT 2009): Internet of Things (IoT) is an

813 views • 33 slides
on the Internet of Things Software Project What is the Internet of Things? A system in which

on the Internet of Things Software Project What is the Internet of Things? A system in which

on the Internet of Things Software Project What is the Internet of Things? A system in which objects in the physical world can be connected to the Internet by sensors and actuators (coined 1999 by Kevin Ashton) Key aspects: E2E

343 views • 10 slides
The Internet of Things: an overview "Workshop on New Frontiers in Internet of Things

The Internet of Things: an overview "Workshop on New Frontiers in Internet of Things

The Internet of Things: an overview "Workshop on New Frontiers in Internet of Things Telecommunications/ICT4D Laboratory (T/ICT4D) of the Abdus Salam International Centre for Theoretical Physics (ICTP) 17 March 2016 (Trieste, Italy)

758 views • 37 slides
Securing the Internet of Things CSM-ACE 2013 13 November 2013 www.cyberunited.com Darin

Securing the Internet of Things CSM-ACE 2013 13 November 2013 www.cyberunited.com Darin

Intelligence and Security Informatics Securing the Internet of Things CSM-ACE 2013 13 November 2013 www.cyberunited.com Darin Andersen 20 Years Hi-Tech and 12 Years Cybersecurity Experience International Cyber Speaker, Insider Threat, SiOT

226 views • 20 slides
Wi-Fi Backscatter: Battery-free Internet Connectivity to Empower the Internet of Things

Wi-Fi Backscatter: Battery-free Internet Connectivity to Empower the Internet of Things

Wi-Fi Backscatter: Battery-free Internet Connectivity to Empower the Internet of Things Ubiquitous Computing Seminar FS2015 Bjarni Benediktsson | | Internet of Things The Internet of Things (IoT) is a computing concept that

657 views • 36 slides
How Were Failing To Secure The Internet Of Things Mark Stanislav

How Were Failing To Secure The Internet Of Things Mark Stanislav

How Were Failing To Secure The Internet Of Things Mark Stanislav <mstanislav@duosecurity.com> About The Internet Of Things The Internet of Things is the network of physical objects that contain embedded technology to

519 views • 25 slides
Introduction to The Web of Things Niels Olof Bouvin 1 Overview What is the Internet of Things?

Introduction to The Web of Things Niels Olof Bouvin 1 Overview What is the Internet of Things?

Introduction to The Web of Things Niels Olof Bouvin 1 Overview What is the Internet of Things? The vision Domains of the Internet of Things The challenges The Proto Web of Things The Raspberry Pi as a WoT platform The challenge of the

1.21k views • 63 slides
Securing the Web of Things Andrei Sabelfeld @asabelfeld Web of Things Internet of Things (IoT)

Securing the Web of Things Andrei Sabelfeld @asabelfeld Web of Things Internet of Things (IoT)

Securing the Web of Things Andrei Sabelfeld @asabelfeld Web of Things Internet of Things (IoT) Incompatible standards, platforms, technologies World Wide Web Consortium (W3C) is in a unique position to create the royalty-free and

273 views • 15 slides
for the Internet of Things Shaowei Lin GTC San Jose May 2017 Internet of Things Heterogeneous

for the Internet of Things Shaowei Lin GTC San Jose May 2017 Internet of Things Heterogeneous

Artificial General Intelligence for the Internet of Things Shaowei Lin GTC San Jose May 2017 Internet of Things Heterogeneous Systems Resource Constraints Higher-Order Intelligence Distributed Intelligence Deep Neural Networks

269 views • 24 slides
LoRa Wireless Network for the Internet of Things Content 1) The Internet of Things 2) Low-Power

LoRa Wireless Network for the Internet of Things Content 1) The Internet of Things 2) Low-Power

LoRa Wireless Network for the Internet of Things Content 1) The Internet of Things 2) Low-Power Wide-Area Network (LPWAN) 3) LoRa Architecture Layers Limitations 4) Other LPWAN Technologies 5) Conclusion 2 The Internet of Things

10.73k views • 27 slides
Internet of things: Next evolution of the Internet Cisco blog quotes: The number of devices

Internet of things: Next evolution of the Internet Cisco blog quotes: The number of devices

6PANview : A Network Monitoring System for the Internet of Things 23-August-2011 Lohith Y S, Brinda M C, Anand SVR, Malati Hegde Department of ECE Indian Institute of Science Bangalore Funded by DIT, Government of India Internet of

520 views • 20 slides
INDUSTRIAL INTERNET OF THINGS Title : The State of the Industrial Internet of Things

INDUSTRIAL INTERNET OF THINGS Title : The State of the Industrial Internet of Things

THE STATE OF THE INDUSTRIAL INTERNET OF THINGS Title : The State of the Industrial Internet of Things Overview : From industry to industry the industrial internet of things is creating tremendous value. This webinar, based on insights

573 views • 34 slides
Policy and Technology Drivers in Policy and Technology Drivers in the Internet of Things the

Policy and Technology Drivers in Policy and Technology Drivers in the Internet of Things the

Policy and Technology Drivers in Policy and Technology Drivers in the Internet of Things the Internet of Things Grald Santucci Head of Unit Networked enterprise & Radio Frequency Identification (RFID) Internet of Things 2008, Zurich

732 views • 28 slides
XPath: Arithmetical Operations XPath : Arithmetical Operations 3.1 Additional Features 3.1

XPath: Arithmetical Operations XPath : Arithmetical Operations 3.1 Additional Features 3.1

XPath: Arithmetical Operations XPath : Arithmetical Operations 3.1 Additional Features 3.1 Additional Features XPath XPath support for support for Operators for double Operators for double- -precision (64 bit) floating

214 views • 5 slides
Categorical Constructions in Graphs Laura Scull Fort Lewis College, Durango, CO FMCS May 2019

Categorical Constructions in Graphs Laura Scull Fort Lewis College, Durango, CO FMCS May 2019

Categorical Constructions in Graphs Laura Scull Fort Lewis College, Durango, CO FMCS May 2019 Category of Graphs Products Exponentials Homotopy Outline The Category of Graphs Products of Graphs Exponential Object Homotopy Category of

964 views • 75 slides
Point of Care Ultrasound for the Hospitalist UCSF Parnassus Campus San Franciso, CA SUNDAY

Point of Care Ultrasound for the Hospitalist UCSF Parnassus Campus San Franciso, CA SUNDAY

Department of Medicine University of California, San Francisco School of Medicine Point of Care Ultrasound for the Hospitalist UCSF Parnassus Campus San Franciso, CA SUNDAY MONDAY October 20-21, 2019 COURSE DIRECTORS Brandon Boesch,

1.61k views • 121 slides
All Star Sports Soccer Coach Gugino lvgrouplifefitness@gmail.com 702 336 6035 Intro Hello

All Star Sports Soccer Coach Gugino lvgrouplifefitness@gmail.com 702 336 6035 Intro Hello

All Star Sports Soccer Coach Gugino lvgrouplifefitness@gmail.com 702 336 6035 Intro Hello Families! My name is Lee Gugino, I was born and raised in Las Vegas, I played Soccer, Basketball, and Swimming at Durango High School. I

487 views • 10 slides
N ORTH D AKOTA G OVERNOR S P I PELI NE S UMMI T B I SMARCK , ND J UNE 1 4 TH , 2 0 1 2 June 14,

N ORTH D AKOTA G OVERNOR S P I PELI NE S UMMI T B I SMARCK , ND J UNE 1 4 TH , 2 0 1 2 June 14,

Bridger Pipeline North Dakota Governors Pipeline Summit N ORTH D AKOTA G OVERNOR S P I PELI NE S UMMI T B I SMARCK , ND J UNE 1 4 TH , 2 0 1 2 June 14, 2012 Baker 300 1 Bridger Pipeline North Dakota Governors Pipeline

1.5k views • 115 slides
Corrected network measures Introduction Overlap weight Corrected Vladimir Batagelj overlap

Corrected network measures Introduction Overlap weight Corrected Vladimir Batagelj overlap

Corrected network measures V. Batagelj Corrected network measures Introduction Overlap weight Corrected Vladimir Batagelj overlap weight Clustering coefficient IMFM Ljubljana and IAM UP Koper Corrected clustering coefficient

551 views • 30 slides
http://cmp.imag.fr CMP annual users meeting, 4 Feb. 2016, PARIS Pr Process Portf rtfolio lio fr

http://cmp.imag.fr CMP annual users meeting, 4 Feb. 2016, PARIS Pr Process Portf rtfolio lio fr

its M ul ti P ro C ir ircu cuits ulti rojets MPW Services Center for IC / MEMS Prototyping http://cmp.imag.fr Grenoble France CMP annual users meeting, 4 Feb. 2016, PARIS STMicroelectronics Standard Technology offers at CMP in 2016

679 views • 16 slides
Animated Mirn Du ff y Interaction Designer, Red Hat GIFs with @mairin <du ff

Animated Mirn Du ff y Interaction Designer, Red Hat GIFs with @mairin <du ff

Animated Mirn Du ff y Interaction Designer, Red Hat GIFs with @mairin <du ff y@redhat.com> GIMP Remy DeCausemaker Hackademic & Storyteller @Remy_D WORKSHOP <Remy@DeCausemaker.org> While you wait... download these fi les!

615 views • 40 slides

More recommend