a bunch of problems no
play

A bunch of problems, no solutions Wade Trappe WHAT DO YOU THINK OF - PowerPoint PPT Presentation

IoT Security Challenges: A bunch of problems, no solutions Wade Trappe WHAT DO YOU THINK OF WHEN YOU HEAR INTERNET OF THINGS ? WINLAB Fitbit WINLAB Zeo sleep manager WINLAB Smart home Nest, WallyHome, Dropcam, Ivee, Rachio


  1. IoT Security Challenges: A bunch of problems, no solutions… Wade Trappe

  2. WHAT DO YOU THINK OF WHEN YOU HEAR “ INTERNET OF THINGS ” ? WINLAB

  3. Fitbit WINLAB

  4. Zeo – sleep manager WINLAB

  5. Smart home – Nest, WallyHome, Dropcam, Ivee, Rachio WINLAB

  6. UAV WINLAB

  7. Smartphone, laptop, tablet WINLAB

  8. Low- end devices: RFID tags, small sensors … WINLAB

  9. Smart vehicle & Self-driving cars WINLAB

  10. The IoT is really about “ DATA ”  SMART is about the DATA and closing the loop!!! Needs… + We need security to protect the loop! WINLAB

  11. IoT Architecture  Context-ware Middleware IoT Middleware Context World Search Model Application Plane Solver Computational Plane Devices Apps Aggregator Edge Router/ Network Plane Gateway Physical Plane Info. Future Internet Infrastructure WINLAB

  12. IoT Architecture  Four-plane Context – Physical (Device) Plane  Context determined by devices physical attribute such as:  Device Name, Device Type, Device Value, Device Location , etc. – Networking Plane  Context determined by the network attribute such as: Network Service Type (Stream, Linked-data), Bandwidth,  Connectivity, etc. – Computational/Middleware Plane  Filtering, processing, grouping, presentation, etc.  Lives to serve the Application Plane – Application Plane  Context determined by attributes mentioned above and application requirement such as : “Find the nearest cap”, “Find all the WINLAB rooms with temperature above 25 ° C”’ WINLAB

  13. BEING EVIL IS GOOD LET US LOOK AT SECURITY WINLAB

  14. It is important to examine the security problem according to the information flows and potential adversarial points of control Adversary acts as a false Adversary attacks application attempting communication conduit to access information between server and not intended for it applications Subscribing Publishing IoT Server Publishing IoT IoT Applications Publishing Gateway Internet API IoT Smart Homes Routers Gateway API IoT Smart Healthcare Sensors Gateway API Smart Grid Sensors Adversary alters Sensors a sensor to report Adversary creates a spoofing false readings sensor to the system Adversary monitors sensor readings to track customer usage WINLAB

  15. Can ’ t we just call TLS and go home? HTTP FTP SMTP S/MIME PGP SET HTTP FTP SMTP SSL/TLS Kerberos SMTP HTTP TCP TCP UDP TCP IP/IPSEC IP IP At the Network Level At the Transport Level At the Application Level  Unfortunately no… – Many devices won ’ t have the resources needed to support cryptographic mechanisms (I ’ m sorry, you want an X.509 what?)  We ’ re not too worried about securing your well-resourced Tablet, etc! – Many communication flows will be one-directional (how can you complete TLS Handshake without a hand to shake?) – Many of the attacks exist “ outside ” the network (Here is an encrypted 10000 degree Kelvin reading…)  Perhaps you can use IPSEC/TLS between the gateway and the server, but what about the sensor to the gateway? WINLAB

  16. More IoT Security Challenges  New security challenges brought by IoT – Extending the virtual network to the real world brings many legal and security/privacy issues.  Ubiquitous devices monitor everything causing privacy concerns.  Data is everywhere, acting upon that data is dangerous since you don’t know its source! – Highly distributed nature:  It is difficult to manage the large number of distributed devices.  Sensors and devices may be distributed in public areas unprotected, thus are vulnerable to physical attacks. – Limited-function embedded devices  Constraints: power, computation capability, storage etc.  Most of the communications are wireless, which makes attacks (e.g. eavesdropping, jamming) simple.  Some types of devices (e.g. passive RFID tags) are unable to provide authentication or data integrity. WINLAB [21]

  17. There is a low- end to the IoT… it will be hard to secure!  Let’s compare a Samsung S5  With a low-end IoT Tag – 2.5GHz quadcore processor – 16-bit processor – 2 GB of RAM – Running at 6MHz – 128GB SD card – 512 bytes storage – 38kJ battery that is recharged – 16KB flash for program daily – Must run for about 10000 – Can run 10 hours of web hours on a coin cell battery with less than 1/15 th the browsing before being recharged energy of the phone Take-away: Don ’ t worry about (some aspects) the high- end of the IoT… WINLAB

  18. But I don ’ t believe you, what about the Green Whatever movement… pg 1.  Let’s take a minute and talk energy, technology advancement and the green movement… – Our devices have limitations… – Much better batteries are not coming  (Aka, bond energy is not a Moore’s Law phenomena!) – Energy harvesting is being touted as a solution to our energy problems… but how much can they really harvest? – Lightweight crypto is either questionable or not light enough…  Next few slides, I’ll attempt to make the case… Take-away: Please don ’ t believe the hype… WINLAB

  19. There ’ s plenty of energy and computing available… not true!  Lifecycle of a typical IoT device – Sense and read data from memory – Frame data into a packet – Move packet from processor to radio – Power up radio – Stabilize and calibrate radio to meet frequency regulations – Transmit! TI MSP430 16-bit microcontroller, CC1150  Radio – The MSP430 requires 1mA to operate – The radio requires 23mA to broadcast at 6dBm – Example: 14byte packet at 250kbps requires 448 m sec, requires 32.3 m J – Coin cell battery has about 2-3 kJ of stored energy – Lightweight TLS needs 16M operations Allows only about 20000 operations to perform non-essential (security) operations WINLAB

  20. Green Batteries? Not going to happen… this ain ’ t your typical Moore ’ s Law phenomena, pg 3.  Batteries are a mature technology with centuries of engineering behind them.  Over past several decades, improvement at about 7% per year  There are only a limited number of elements in the periodic table and their potentials have long been known  We are already using some of the highest energy density materials available WINLAB

  21. Green Harvesting? Maybe in an ideal world, but the world is not ideal!, pg 4.  Harvest energy from the environment – manmade or natural  RF energy harvesting (e.g. passive RFID) – Tag collects the energy, converts it to DC to power microprocessor and RF – Fundamental constraint: radio energy decreases in density by 1 – Example: 4Watts of power emitted by a basestation can support distances of 2 r 3 3meters for an IoT tag in a environment 1 r /  100W gives 10 meters… far in excess of safe and legal exposure!  Photovoltaics – At high noon on a clear (summer) day, 100 mW/cm2 provided by the sun – Photovoltaic cells have an efficiency of (roughly) 1% to 25% – Practical limitations: shadows, clouds, nighttime, dust accumulation, etc… – Example: NYC average solar energy in winter is 12 mW/cm2 for a cell aimed at sun – Reality check: IoT devices will experience shadows, will not be kept clean, will have rechargeable battery leakage, etc… WINLAB

  22. OK, no Green Panacea… so where can we secure the IoT? Three Plane Approach IoT Middleware Security Things IoT Middleware Applications Device-level Future Internet Security Network Security We can introduce security here… and here… and here… WINLAB

  23. Three Planes for Security  Device-level: – To prevent data modification (while it is stored in the device), memory is protected in most RFID tags, such as EPCglobal Class-1 Generation-2 and ISO/IEC 18000 – 3 tags – Lightweight cryptography between devices and the aggregator:  CLEFIA (ISO/IEC 29192) is a 128-bit blockcipher or SIMON/SPECK: NSA recent recommendation for lightweight crypto  Caveat Emptor!!! – Reuse functionality and other information for security (anomaly detection) purposes: Physical layer, traffic statistics, etc. Network:  New forms of security can exist outside of the – Between gateways and servers, utilize conventional network security protocols (TLS!) crypto!!! This is Forensics! – Future Internet semantic/content-centric networking can provide privacy – In-network caching can ride out DoS. Middleware, or “the data computation layer”:  – Analyze the data you get, look for outliers and suspicious data, send warnings! For the sake of the discussion, I won’t worry about where you put these modes…  some will be at device to gateway, some will be in the backend cloud WINLAB

  24. Hard problem, case study: Thwarting an Indiana Jones Attack… still research to be done!  So lets put it together in a story/case-study  Call it the “Indiana Jones Attack!” BACK-END NETWORK ` BASE-STATION TAGGED ASSETS WINLAB

  25. Thwarting an Indiana Jones Attack: Mobility Detection Using Active IOT Tags Localization turned out to be hard, but detecting movement was not! 8.00 7.00 Tag 3B Mobile 6.00 Mobility Score 5.00 Tag 8e Mobile 4.00 3.00 Threshold 2.00 1.00 Tag 77 Stationary 0.00 0 20 40 60 80 100 120 140 160 Seconds WINLAB

Recommend


More recommend