Analyzing an IoT Empire

Michael Schloh, Europalab Networks | July 24-25



Overview

The dual nature (build and penetrate) of 'Analyzing an IoT Empire' uniquely offers security enthusiasts and penetration testers alike the ability to understand how to assess and exploit the security of consumer and industrial smart devices in a variety of contexts, including:

  • Health functions (temperature, blood pressure, heart rate)
  • Entertainment (storage and control of entertainment media)
  • Logistics transport (IVI, auto control, public transportation)
  • Resource management (water and energy consumption abatement)
  • Physical security (entry control, heating, alarm systems)
  • Applied agriculture (drone control, water distribution)
  • Retail support (customer loyalty, point of sales)
  • Nighttime safety (light and movement detection)
  • Modern automotive (IVI and CAN Bus control)

To achieve this, we study generic embedded topics:

  • MCU control
  • MPU operation
  • Sensors and actuators
  • Telemetry and telecommand
  • Serial connectivity (I2C, SPI, UART)
  • Transports (802.3, 802.11, 802.15.4, Bluetooth Smart)
  • Protocols (MQTT, AMQP, CoAP, IoTivity)

...as well as less well adopted technologies:

  • Sub-gigahertz comm (SigFox, LoRa)
  • Low power mesh (ZigBee, Z-Wave)
  • Protocols (ZeroMQ)


We use a comprehensive toolset from the Kali suite as well as some unique USB connected oscilloscopes for logic analysis and arbitrary waveform generation. To penetrate 802.3 connected devices we use LAN taps, and to penetrate Bluetooth we use Ubertooth One MCUs.

  • Mirai Botnet Dyn Attack
We will additionally model an IP webcam system in order to understand the recent DoS attack, as well as create a babyphone or similar device and consider defense strategy.

Who Should Take this Course

Anyone tasked with understanding IoT relevant transports (802.3, 802.11, 802.15.4, Bluetooth Smart) and modern network protocols (MQTT, AMQP, CoAP) benefits the most from 'Analyzing an IoT Empire.' This includes:

  • Security enthusiasts
  • Professional analysts
  • Embedded developers
  • Penetration testers

Student Requirements

Participants need to know little beforehand about embedded engineering or IoT security. We'll cover the topics of MCUs, MPUs, sensors, actuators, telemetry, telecommand, topology, transport, and protocol in an introductory two-hour whirlwind tour of the emerging Internet of Things industry.

For most benefit, please review the workshop wiki [1] to decide which topics apply best, and prepare to indicate this when we meet in class.


We will program using C, C++, Python and JavaScript. Competence is not required because we will simply copy and paste existing source code, a few dozen lines at a time.

What Students Should Bring

Students must bring a portable computer with two free USB type-A sockets and administrative control (root or similar login). Computers with unlocked UEFI/BIOS interfaces are recommended, and bringing a telephone or similar portable device with a modern Bluetooth (>4.0) stack is optional but recommended.

Additionally, feel welcome to bring any device you feel represents an 'embedded' platform that interests you or your workshop neighbors. We'll take it into consideration and see how to build and penetrate a system based on it.

What Students Will Be Provided With

A relevant subset (probably about half) of the following devices will be loaned to students for the duration of the course:

  • Minnowboard Turbot
  • Beaglebone Black
  • Raspberry Pi 2
  • Tessel2 (with modules)
  • FRDM-KL25Z devkit
  • FRDM-K64F devkit
  • nRF51 BTLE kit
  • Live USB drives
  • PCB shield assemblies
  • CC2650 SensorTag
  • Estimote beacons
  • Blesh beacons
  • Faux smartcams
  • Ubertooth One
  • LAN Taps
  • Oscilloscopes

Trainers

Michael Schloh von Bennewitz is a computer scientist specializing in network engineering, mobile design, and telecom server development. Responsible for research, development, and maintenance of packages in several community software repositories, he actively contributes to the open source development community. A prolific speaker in four fluent languages, Michael presents at technical meetings every year. He teaches security workshops on Internet of Things and Embedded Computing technology, travelling with a mobile laboratory of over 300 sensors, actuators, and computer devices. Michael's IoT knowledge profits from years of work at telecoms and relationships with industry leaders. He is an Intel innovator, Samsung partner, and Mozilla committer with the mandate to promote IoT technology.