transparent microsegmentation in smart home iot networks
play

Transparent Microsegmentation in Smart Home IoT Networks Amr Osman 1 - PowerPoint PPT Presentation

Oct 31, 2022 •199 likes •652 views

, Faculty of computer science Transparent Microsegmentation in Smart Home IoT Networks Amr Osman 1 Armin Wasicek 2 Stefan Kpsell 1 Thorsten Strufe 1 1 Chair of Privacy and Data Security TU Dresden firstname.lastname@tu-dresden.de 2 Avast Inc.

  1. , Faculty of computer science Transparent Microsegmentation in Smart Home IoT Networks Amr Osman 1 Armin Wasicek 2 Stefan Köpsell 1 Thorsten Strufe 1 1 Chair of Privacy and Data Security TU Dresden firstname.lastname@tu-dresden.de 2 Avast Inc. HotEdge’20

  2. Introduction Problem Microsegmentation Evaluation Conclusion Outline 1 Introduction 2 Problem Requirements Existing solutions 3 Microsegmentation System design Transparent microsegmentation 4 Evaluation 5 Conclusion HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 1 of 27

  3. Introduction Problem Microsegmentation Evaluation Conclusion 1 Introduction 2 Problem Requirements Existing solutions 3 Microsegmentation System design Transparent microsegmentation 4 Evaluation 5 Conclusion HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 2 of 27

  4. Introduction Problem Microsegmentation Evaluation Conclusion Smart home IoT networks [1] HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 3 of 27

  5. Introduction Problem Microsegmentation Evaluation Conclusion 1 Introduction 2 Problem Requirements Existing solutions 3 Microsegmentation System design Transparent microsegmentation 4 Evaluation 5 Conclusion HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 4 of 27

  6. Introduction Problem Microsegmentation Evaluation Conclusion Problem statement Communication setting: • Mixed wired + wireless connectivity • TCP/IP Protocol suite • Ethernet as a L2 protocol (802.11 MAC addresses) Threat model: • Internal attacker • Active • Laterally moving • Seeks: Reconnaissance, Data exflitration, Internet Unauthorized access, DoS, .. etc) HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 5 of 27

  7. Introduction Problem Microsegmentation Evaluation Conclusion Problem statement Communication setting: • Mixed wired + wireless connectivity • TCP/IP Protocol suite • Ethernet as a L2 protocol (802.11 MAC addresses) Threat model: • Internal attacker • Active • Laterally moving • Seeks: Reconnaissance, Data exflitration, Internet Unauthorized access, DoS, .. etc) HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 5 of 27

  8. Introduction Problem Microsegmentation Evaluation Conclusion 1 Introduction 2 Problem Requirements Existing solutions 3 Microsegmentation System design Transparent microsegmentation 4 Evaluation 5 Conclusion HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 6 of 27

  9. Introduction Problem Microsegmentation Evaluation Conclusion Requirements • Isolation : controlling communication between devices within each microsegment, between microsegments, and external endpoints in the cloud or internet. • Scalability : sustaining a large number of microsegments, IoT devices and home networks. • Edge-readiness : virtual network functions in the edge cloud must seamlessly augment the home network. • Automatic segment allocation : newly connected devices should be automatically recognized, identified and appropriately put into a microsegment. • Adaptability : dynamically changing the current set of microsegments configuration at runtime as new devices are added to the smart home. • 0-conf : require no manual configurations for the residential gateway and the IoT end devices. HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 7 of 27

  10. Introduction Problem Microsegmentation Evaluation Conclusion Requirements • Isolation : controlling communication between devices within each microsegment, between microsegments, and external endpoints in the cloud or internet. • Scalability : sustaining a large number of microsegments, IoT devices and home networks. • Edge-readiness : virtual network functions in the edge cloud must seamlessly augment the home network. • Automatic segment allocation : newly connected devices should be automatically recognized, identified and appropriately put into a microsegment. • Adaptability : dynamically changing the current set of microsegments configuration at runtime as new devices are added to the smart home. • 0-conf : require no manual configurations for the residential gateway and the IoT end devices. HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 7 of 27

  11. Introduction Problem Microsegmentation Evaluation Conclusion Requirements • Isolation : controlling communication between devices within each microsegment, between microsegments, and external endpoints in the cloud or internet. • Scalability : sustaining a large number of microsegments, IoT devices and home networks. • Edge-readiness : virtual network functions in the edge cloud must seamlessly augment the home network. • Automatic segment allocation : newly connected devices should be automatically recognized, identified and appropriately put into a microsegment. • Adaptability : dynamically changing the current set of microsegments configuration at runtime as new devices are added to the smart home. • 0-conf : require no manual configurations for the residential gateway and the IoT end devices. HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 7 of 27

  12. Introduction Problem Microsegmentation Evaluation Conclusion Requirements • Isolation : controlling communication between devices within each microsegment, between microsegments, and external endpoints in the cloud or internet. • Scalability : sustaining a large number of microsegments, IoT devices and home networks. • Edge-readiness : virtual network functions in the edge cloud must seamlessly augment the home network. • Automatic segment allocation : newly connected devices should be automatically recognized, identified and appropriately put into a microsegment. • Adaptability : dynamically changing the current set of microsegments configuration at runtime as new devices are added to the smart home. • 0-conf : require no manual configurations for the residential gateway and the IoT end devices. HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 7 of 27

  13. Introduction Problem Microsegmentation Evaluation Conclusion Requirements • Isolation : controlling communication between devices within each microsegment, between microsegments, and external endpoints in the cloud or internet. • Scalability : sustaining a large number of microsegments, IoT devices and home networks. • Edge-readiness : virtual network functions in the edge cloud must seamlessly augment the home network. • Automatic segment allocation : newly connected devices should be automatically recognized, identified and appropriately put into a microsegment. • Adaptability : dynamically changing the current set of microsegments configuration at runtime as new devices are added to the smart home. • 0-conf : require no manual configurations for the residential gateway and the IoT end devices. HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 7 of 27

  14. Introduction Problem Microsegmentation Evaluation Conclusion Requirements • Isolation : controlling communication between devices within each microsegment, between microsegments, and external endpoints in the cloud or internet. • Scalability : sustaining a large number of microsegments, IoT devices and home networks. • Edge-readiness : virtual network functions in the edge cloud must seamlessly augment the home network. • Automatic segment allocation : newly connected devices should be automatically recognized, identified and appropriately put into a microsegment. • Adaptability : dynamically changing the current set of microsegments configuration at runtime as new devices are added to the smart home. • 0-conf : require no manual configurations for the residential gateway and the IoT end devices. HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 7 of 27

  15. Introduction Problem Microsegmentation Evaluation Conclusion Requirements • Isolation : controlling communication between devices within each microsegment, between microsegments, and external endpoints in the cloud or internet. • Scalability : sustaining a large number of microsegments, IoT devices and home networks. • Edge-readiness : virtual network functions in the edge cloud must seamlessly augment the home network. • Automatic segment allocation : newly connected devices should be automatically recognized, identified and appropriately put into a microsegment. • Adaptability : dynamically changing the current set of microsegments configuration at runtime as new devices are added to the smart home. • 0-conf : require no manual configurations for the residential gateway and the IoT end devices. HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 7 of 27

  16. Introduction Problem Microsegmentation Evaluation Conclusion 1 Introduction 2 Problem Requirements Existing solutions 3 Microsegmentation System design Transparent microsegmentation 4 Evaluation 5 Conclusion HotEdge’20 Transparent Microsegmentation in Smart Home IoT Networks slide 8 of 27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What is a Loxone Smart Home? A Home That Takes Care Of Itself Life at home is like flying on

What is a Loxone Smart Home? A Home That Takes Care Of Itself Life at home is like flying on

What is a Loxone Smart Home? A Home That Takes Care Of Itself Life at home is like flying on autopilot! My Loxone Smart Home and I think alike. If I ever want to change something, a single press on a switch is enough. Simple To Use

95 views • 9 slides
Packet-Level Signatures for Smart Home Devices Rahmadi Trimananda, Janus Varmarken, Athina

Packet-Level Signatures for Smart Home Devices Rahmadi Trimananda, Janus Varmarken, Athina

Packet-Level Signatures for Smart Home Devices Rahmadi Trimananda, Janus Varmarken, Athina Markopoulou, and Brian Demsky Smart Home 2 Smart Home Smart Plugs 2 Smart Home Smart Plugs Light Bulbs 2 Smart Home Smart Plugs Light Bulbs

1.92k views • 146 slides
Smart Proactive Homes Live independently at home for longer ProActivated will turn your own

Smart Proactive Homes Live independently at home for longer ProActivated will turn your own

Smart Proactive Homes Live independently at home for longer ProActivated will turn your own home in a smart home. Combining new and innovative technology with our smart software allows your home to deliver support in your daily life.

428 views • 20 slides
Smart Home Network Management with Dynamic Traffic Distribution Chenguang Zhu Xiang Ren

Smart Home Network Management with Dynamic Traffic Distribution Chenguang Zhu Xiang Ren

Smart Home Network Management with Dynamic Traffic Distribution Chenguang Zhu Xiang Ren Tianran Xu Motivation Motivation Per Application QoS In small home / office networks, applications compete for limited bandwidth high

998 views • 45 slides
Security Architecture for the Smart Home Jacob Fahrenkrug, CTO at yetu AG

Security Architecture for the Smart Home Jacob Fahrenkrug, CTO at yetu AG

Security Architecture for the Smart Home Jacob Fahrenkrug, CTO at yetu AG jacob.fahrenkrug@yetu.com http://yetu.com twitter: @yetuAG, @jacobfahrenkrug 2 Definition of Smart Home 3 Smart Home is not home automation! 4 5 6

243 views • 23 slides
A true game-changer of smart home market! Explore the most advanced gateway Home Center 3 is the

A true game-changer of smart home market! Explore the most advanced gateway Home Center 3 is the

A true game-changer of smart home market! Explore the most advanced gateway Home Center 3 is the worlds most advanced smart home gateway enabling intuitive home management. It is a result of our 10 years of experience and numerous comments

190 views • 17 slides
HOME CENTER 2 FIBARO SYSTEM Get to know FIBARO home FIBARO smart home is a complex ecosystem,

HOME CENTER 2 FIBARO SYSTEM Get to know FIBARO home FIBARO smart home is a complex ecosystem,

HOME CENTER 2 FIBARO SYSTEM Get to know FIBARO home FIBARO smart home is a complex ecosystem, but at the same time, its easy to install and manage. It can be customized and adjusted to the specifjc need of each room or space. Home

418 views • 17 slides
Security Analysis of Emerging Smart Home Applications Earlence Fernandes, Jaeyeon Jung, Atul

Security Analysis of Emerging Smart Home Applications Earlence Fernandes, Jaeyeon Jung, Atul

Security Analysis of Emerging Smart Home Applications Earlence Fernandes, Jaeyeon Jung, Atul Prakash IEEE Security and Privacy 24 May 2016 Smart Door Locks CO Sensors Connected Ovens Smart Plugs IP Cameras Emerging Smart Home Frameworks

502 views • 35 slides
ABOUT US Larnitech is a developer and manufacturer of Smart Home systems for home and

ABOUT US Larnitech is a developer and manufacturer of Smart Home systems for home and

ABOUT US Larnitech is a developer and manufacturer of Smart Home systems for home and office automation. The head office of the company is located in Cologne (Germany). Our new product line combines easy mounting and installation with a

557 views • 52 slides
Implementations of Smart Home Integrations ICECCS18, 12 December 2018 Kulani Mahadewa,

Implementations of Smart Home Integrations ICECCS18, 12 December 2018 Kulani Mahadewa,

HomeScan: Scrutinizing Implementations of Smart Home Integrations ICECCS18, 12 December 2018 Kulani Mahadewa, Kailong Wang, Guangdong Bai, Ling Shi, Jin Song Dong and Zhenkai Liang 1 Background IoT-enhanced smart home is getting popular

702 views • 30 slides
Content Distribution Networks explicit transparent (hijacking connections) Outline

Content Distribution Networks explicit transparent (hijacking connections) Outline

Design Space Caching Content Distribution Networks explicit transparent (hijacking connections) Outline Replication Implementation Techniques server farms Hashing Schemes Redirection Strategies geographically

237 views • 6 slides
Quantifying and Clustering User-Centric Considerations About Smart Home Device Adoption Nat M.

Quantifying and Clustering User-Centric Considerations About Smart Home Device Adoption Nat M.

Do Privacy and Security Matter to Everyone? Quantifying and Clustering User-Centric Considerations About Smart Home Device Adoption Nat M. Barbosa , Zhuohao Zhang, Yang Wang The Smart Home Adoption-Concern Conundrum

639 views • 10 slides
SMART HOME OVER IRC HAVING A CHAT WITH YOUR TOASTER 1 Motivation In this Lab you will

SMART HOME OVER IRC HAVING A CHAT WITH YOUR TOASTER 1 Motivation In this Lab you will

create your own exercise Joshua Koutny, Simon Anlauff | Team 204 SMART HOME OVER IRC HAVING A CHAT WITH YOUR TOASTER 1 Motivation In this Lab you will Create your own Smart Space Connect devices over a chat protocol Message

487 views • 15 slides
Optical Performance Monitoring Applications in Transparent Networks Dan Kilper Advanced

Optical Performance Monitoring Applications in Transparent Networks Dan Kilper Advanced

Optical Performance Monitoring Applications in Transparent Networks Dan Kilper Advanced Photonics Research Lucent Technologies dkilper@lucent.com C. R. Giles, W. Weingartner, A. Azarov, P. Vorreau, and J. Leuthold WOCC April 22, 2005

487 views • 28 slides
Measuring Home Networks with HomeNet Profiler Lucas Di Cioccio (Technicolor/UPMC) Renata

Measuring Home Networks with HomeNet Profiler Lucas Di Cioccio (Technicolor/UPMC) Renata

Measuring Home Networks with HomeNet Profiler Lucas Di Cioccio (Technicolor/UPMC) Renata Teixeira (CNRS/UPMC) Catherine Rosenberg (University of Waterloo) What do home networks look like? How many devices connect to home networks? What

609 views • 19 slides
Is Anybody Home? Inferring Activity from Smart Home Network Traffic Bogdan Copos Matt Bishop

Is Anybody Home? Inferring Activity from Smart Home Network Traffic Bogdan Copos Matt Bishop

Is Anybody Home? Inferring Activity from Smart Home Network Traffic Bogdan Copos Matt Bishop Karl Levitt Jeff Rowe University of California, Davis 1 / 21 2 / 21 3 / 21 4 / 21 Security Many things can go wrong... malicious firmware

803 views • 36 slides
Working with Reconnaissance Teams Post-Earthquake Reconnaissance Workshop PIEPC April 17, 2018

Working with Reconnaissance Teams Post-Earthquake Reconnaissance Workshop PIEPC April 17, 2018

Working with Reconnaissance Teams Post-Earthquake Reconnaissance Workshop PIEPC April 17, 2018 Laurel Nelson EERI Washington Chapter (Seattle Office of Emergency Management) People Infrastructure Environment Culture 2 4/19/2018 Add a

387 views • 10 slides
Austin Military Officers Association of America Its a Dangerous (Cyber) World Dr. Bill Young

Austin Military Officers Association of America Its a Dangerous (Cyber) World Dr. Bill Young

Austin Military Officers Association of America Its a Dangerous (Cyber) World Dr. Bill Young Department of Computer Science University of Texas at Austin Last updated: February 19, 2014 at 11:17 Dr. Bill Young: 1 CyberWar What Id Like

836 views • 46 slides
Simulated Penetration Testing: From Dijkstra to Turing Test++ J org Hoffmann June

Simulated Penetration Testing: From Dijkstra to Turing Test++ J org Hoffmann June

What? Classical Attack Graphs POMDPs MDPs Taxonomy And Now? Simulated Penetration Testing: From Dijkstra to Turing Test++ J org Hoffmann June 26, 2015 J org Hoffmann Simulated Penetration Testing 1/58 What? Classical

2.44k views • 184 slides
Who are you ? How can you identify someone? Certificates, Protocols: Machine to Machine

Who are you ? How can you identify someone? Certificates, Protocols: Machine to Machine

Who are you ? How can you identify someone? Certificates, Protocols: Machine to Machine Human to Machine ? Lets have some suggestions Be creative, not necessarily computer oriented Classification of identification methods

1.37k views • 97 slides
United States Army Security Assistance Command North Alabama International Trade Association

United States Army Security Assistance Command North Alabama International Trade Association

UNCLASSIFIED//FOUO UNCLASSIFIED//FOUO United States Army Security Assistance Command North Alabama International Trade Association (NAITA) Industry Day 2017 Foreign Military Sales: Ready for Today Set Conditions for Tomorrow Go

539 views • 16 slides
mami Plane 1 In the beginning there was ping , and it was good. (still the only

mami Plane 1 In the beginning there was ping , and it was good. (still the only

Platforms and Tools for Internet Measurement: Current and Future Developments Brian Trammell IRTF/ISOC Workshop on Research and Applications of Internet Measurements Yokohama, Japan, 31 October 2015 mami Plane 1 In the beginning

683 views • 32 slides
3) Intrusion Tests Red Team approach Emmanuel Benoist Spring Term 2016 Berner Fachhochschule |

3) Intrusion Tests Red Team approach Emmanuel Benoist Spring Term 2016 Berner Fachhochschule |

3) Intrusion Tests Red Team approach Emmanuel Benoist Spring Term 2016 Berner Fachhochschule | Haute cole spcialise bernoise | Berne University of Applied Sciences 1 Table of Contents Presentation Example of a Red Team Mission

728 views • 46 slides
BREAKING AND ENTERING: EMULATING THE DIGITAL ADVERSARY IN 2019 Bobby Thompson National

BREAKING AND ENTERING: EMULATING THE DIGITAL ADVERSARY IN 2019 Bobby Thompson National

C I S A | C Y B E R S E C U R I T Y A N D I N F R A S T R U C T U R E S E C U R I T Y A G E N C Y BREAKING AND ENTERING: EMULATING THE DIGITAL ADVERSARY IN 2019 Bobby Thompson National Cybersecurity Assessments and Technical Services

522 views • 27 slides

More recommend