tsensors san diego sandhi bhide - context sensors and security for internet of things-nov 12-13-2014

Upload: sandhi-bhide

Post on 13-Apr-2018


TRANSCRIPT

  • 7/26/2019 Tsensors San Diego Sandhi Bhide - Context Sensors and Security for Internet of Things-Nov 12-13-2014

    1/29

    Context Sensors and Security for Internet of Things

    Sandhiprakash Bhide, Director of Innovation, Future IOT Solutions

    Application Ready Platforms Division, IOT Group

    Intel Corporation

    November 12-13, 2014

    Photo Credit: http://www.lapalaparealty.com/wp-content/uploads/2013/01/SanDiego3.jpg


    2/29

    Sandhi Bhide Intel Corporation, TSensors Summit, San Diego, CA. Nov. 12-13, 2014. 2014 Intel Corporation, OK for Non-NDA Disclosure


    In the E2E IOT value chain, the sensor node is the most vulnerable point of attack

    3/29

    The Connected Home 1980s-1990s


    Credit of home slides: Raj Samani, McAfee/Intel

    4/29

    Typical Connected Home, Year 2013

    5/29

    Typical Connected Home, Year 2013

    6/29

    Typical Connected Home, Year 2013

    7/29

    Typical Connected Home, Year 2013

    8/29

    Life with Desktop, Laptops, Tablets, and Phones (~1.6B)

    Diagram labels: Internet; Consumer Devices; Malware; Denial of Service; Spoofing; Physical; Viruses; Worm; Trojan Horse

    9/29

    What would your life be with 1T sensors + 50B devices?

    Diagram labels: Lighting; Entertainment; Energy; Security Cameras; Wearables; HVAC; Internet; Appliances; Sensors; Consumer Devices; Embedded Devices; Malware; Denial of Service; Spoofing; Physical; Viruses; Worm; Trojan Horse

    10/29

    Most of the 50B devices will be unprotected and open to getting hacked!!

    Loss of economic value & loss of innocence (opt-in w/o knowing consequences)

    How many 20 pages of legal disclaimers will you read?

    11/29

    Hackers are already attacking the industrial world

    Hackers break into networks of 3 big medical device makers (SF Chronicle, Feb 10, 2014)

    Thousands of IoT control systems vulnerable: DHS Study (Info Week, Jan 11 2013)

    Underground copper wire heist causes San Jose freeway flood (SJ Mercury News, Feb 28, 2014)

    Target hackers broke in via HVAC company (CNBC, Feb 5, 2014)

    How Hackers can take control of your Car (EE Times, Jul 8, 2013)

    Attack on California substation fuels Grid Security debate (IEEE Spectrum, Feb 2014)

    Shamoon [virus] was an external attack on Saudi Oil Production (Info Security magazine, Dec. 10, 2012)

    World First Cyber hijack: Was missing Malaysia flight hacked by mobile phone? (Express, March 16, 2014)

    12/29

    New Security Threats to Personal IOT Devices

    Fridge sending out spam after web attack compromised gadgets. One of more than 100K devices used in spam campaign. (BBC News. Jan 2014)

    Wearable Computing Equals New Security Risks (InformationWeek. 13 Jan 2013)

    Medical Devices: 'We're starting to attach medical devices to electronic health records, and they're not secure.' (Healthcare IT News. May 2013)

    Credit Card Information System: Target Confirms Point-of-Sale Malware Was Used in Attack (Security Week. 13 Jan 2014)

    Baby Monitor: Hacker takes over baby monitor and shouts obscenities at sleeping child. (ABC News, 13 Aug 2013)

    13/29

    Anonymized data may not be as anonymous as is believed. Or it may be now, but not in the future

    How To Track Vehicles Using Speed Data Alone: Car insurance companies reduce the cost of insurance by gathering data about a customer's driving practices

    Carmakers keep data on drivers' locations: Report finds automakers keeping info about drivers' location. Owners can't demand that info is destroyed

    FTC Hearing IoT Privacy Concerns: Anyone concerned about privacy would be well advised to weigh in on this before the issue is taken over

    Connected Home Invasion: The Methods: No incentive to secure products. With resources better off spending on the features that consumers want

    14/29

    Access to Electrical Loading can pose a security threat

    15/29

    User's Perspective of Security: Depends on end user and the app

    Person remains anonymous unless opted-in

    Privacy

    Release of sensitive/personal info without consent

    Safety

    Data Protection

    Does not cause any harm to people

    Data safe from theft or alteration

    Identity

    TRUST

    16/29

    Levels of Security Risks

    1. Criticality: Potential for damage if system is breached. Damage can be loss of life, financial loss, or inconvenience

    2. Value of target (to hackers): What will hackers go after? Is it more valuable for the hacker to attack a thermostat or a financial institution?

    3. Value of market: What is the size of market? How much would market be willing to pay for security?

    17/29

    Security necessarily segments the IOT market

    Different usages require different security mechanisms

    Cost sensitivity implies different security controls for different IOT segments, i.e., smart meters

    Three types of security technical issues for IOT devices

    How to secure communications?

    How to detect and recover from malware?

    How to defend the physical security of low cost devices?

    IOT Security is important

    18/29

    Sensor Security Challenge #1

    Software-based sensor attack rates rising

    Sensor data left unprotected:

    1. By APIs;

    2. In system memory (buffers)

    Once access to sensor data is obtained, information can be directly or indirectly inferred

    19/29

    Sensor Security Challenge #2

    Users can't tell if sensors are on/off and cannot control use

    Sensor data can be faked -- not certified as authentic -- allowing attacks on sensor-data-based uses
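
One way to certify sensor readings as authentic, given here as an added example that is not part of the original slides: the sensor node tags each reading with an HMAC over its ID, a counter and the value, and the receiver rejects readings that were altered, tagged without the key, or repeated. The per-device key, the packet layout and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Constructed sample key; assumed to be provisioned per device in protected storage.
DEVICE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
# Hypothetical packet layout: sensor_id (u16), counter (u32), value (float32), big-endian.
HEADER = struct.Struct(">HIf")
TAG_LEN = 32  # full HMAC-SHA256 tag


def sign_reading(key, sensor_id, counter, value):
    """Sensor side: serialize the reading and append an HMAC-SHA256 tag."""
    body = HEADER.pack(sensor_id, counter, value)
    return body + hmac.new(key, body, hashlib.sha256).digest()


class ReadingVerifier:
    """Receiver side: accept a reading only if it is authentic and fresh."""

    def __init__(self, keys):
        self._keys = keys          # sensor_id -> shared key
        self._last_counter = {}    # sensor_id -> highest counter accepted so far

    def verify(self, packet):
        """Return (sensor_id, value), or raise ValueError naming the failed check."""
        if len(packet) != HEADER.size + TAG_LEN:
            raise ValueError("malformed packet")
        body, tag = packet[:HEADER.size], packet[HEADER.size:]
        sensor_id, counter, value = HEADER.unpack(body)
        key = self._keys.get(sensor_id)
        if key is None:
            raise ValueError("unknown sensor")
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            raise ValueError("bad tag")
        # The counter is covered by the tag, so a captured packet cannot be reused.
        if counter <= self._last_counter.get(sensor_id, -1):
            raise ValueError("stale counter")
        self._last_counter[sensor_id] = counter
        return sensor_id, value


def demo():
    """Run constructed packets through the verifier and report each outcome."""
    verifier = ReadingVerifier({7: DEVICE_KEY})
    genuine = sign_reading(DEVICE_KEY, 7, 1, 21.5)
    altered = bytearray(genuine)
    altered[6] ^= 0x01                                # value field changed in transit
    unkeyed = sign_reading(b"\x00" * 32, 7, 2, 99.0)  # tagged without the device key
    packets = [("genuine", genuine), ("altered", bytes(altered)),
               ("unkeyed", unkeyed), ("repeat", genuine)]
    results = []
    for label, packet in packets:
        try:
            verifier.verify(packet)
            results.append((label, "accepted"))
        except ValueError as err:
            results.append((label, str(err)))
    return results


if __name__ == "__main__":
    for label, outcome in demo():
        print(f"{label}: {outcome}")
```

A shared-key tag only proves the reading came from a holder of the key, so it is only as strong as the protection of that key on the device.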

    20/29

    Sensor Security Challenge #3

    1. How do we keep the credentials provisioned in IoT devices secret from attackers with physical access to the device? Important for infrastructure IoT devices but perhaps not for personal devices

    2. How do we detect IOT Device being tampered? Most IoT designs today assume device functionality is immutable

    3. What market segments require device hardening from physical attack (e.g., will vandalism be common in infrastructure devices)?

    21/29

    22/29

    Security by creating a Context around Sensors

    Soft Sensors: Calendar, Preferences, Interests, Location, Local Services

    Physical Sensors: Gyro, GPS, Accelerometer, Health, Ultrasonic, Temp/Humidity, CO/CO2/NOx, Toxic Gases/HC, Pressure, Proximity, Touch, Light/IR, Audio/Video

    Higher Level of Security

    Sensor 1, Sensor 2, Sensor 3, Sensor 4

    Sensor Collaboration

    23/29

    Security, Identity, Privacy, and Safety from the Source to all levels

    In-memory Sensor Data

    Sensor Data in the Storage

    Protected Execution Environment

    Sensor Data Comms

    1. Only Legitimate/Authorized Users can access

    2. Easy to use environment with policies to control sensor data processing and use

    3. Scalable platforms and sensor types

    4. Keeping sensor credentials secret

    Sensor Physical Protection

    24/29

    In the E2E IOT value chain, the sensor node is the most vulnerable point of attack

    25/29

    Thank you

    Photo Credit: https://www.optumhealthsandiego.com/portal/server.pt/gateway/PTARGS_0_84133_2503_436_70295_43/http%3B/upsprodtools-e.uhc.com%3B7087/publishedcontent/publish/ubhp/sandiego/cmscontent/san_diego.jpg

    26/29

    Backup

    27/29

    Glossary of Terms

    1. Hacker Attacks: Indicates attacks that are not automated by programs such as viruses, worms, or Trojan horse programs. There are various forms that exploit weaknesses in security. Many of these may cause loss of service or system crashes.

    2. IP spoofing - An attacker may fake their IP address so the receiver thinks it is sent from a location that it is not actually from. There are various forms and results to this attack. The attack may be directed to a specific computer addressed as though it is from that same computer. This may make the computer think that it is talking to itself. This may cause some operating systems such as Windows to crash or lock up. Gaining access through source routing. Hackers may be able to break through other friendly but less secure networks and get access to your network using this method.

    3. Session Hijacking - An attacker may watch a session open on a network. Once authentication is complete, they may attack the client computer to disable it, and use IP spoofing to claim to be the client who was just authenticated and steal the session. This attack can be prevented if the two legitimate systems share a secret which is checked periodically during the session.

    4. Server spoofing - A C2MYAZZ utility can be run on Windows 95 stations to request LANMAN (in the clear) authentication from the client. The attacker will run this utility while acting like the server while the user attempts to login. If the client is tricked into sending LANMAN authentication, the attacker can read their username and password from the network packets sent.

    5. DNS poisoning - This is an attack where DNS information is falsified. This attack can succeed under the right conditions, but may not be very practical as an attack form. The attacker will send incorrect DNS information which can cause traffic to be diverted. The DNS information can be falsified since name servers do not verify the source of a DNS reply. When a DNS request is sent, an attacker can send a false DNS reply with additional bogus information which the requesting DNS server may cache. This attack can be used to divert users from a correct webserver such as a bank and capture information from customers when they attempt to logon.

    28/29

    Glossary of Terms

    1. Password cracking - Used to get the password of a user or administrator on a network and gain unauthorized access.

    2. Viruses - This type of malicious code requires you to actually do something before it infects your computer. This action could be opening an email attachment or going to a particular web page. It reproduces itself by attaching to other executable files.

    3. Worms - Worms propagate without your doing anything. They typically start by exploiting a software vulnerability (a flaw that allows the software's intended security policy to be violated). Then once the victim computer has been infected, the worm will attempt to find and infect other computers. Similar to viruses, worms can propagate via email, web sites, or network-based software. The automated self-propagation of worms distinguishes them from viruses. Self-reproducing program. Creates copies of itself. Worms that spread using e-mail address books are often called viruses.

    4. Trojan horses - A Trojan horse program is software that claims to do one thing while, in fact, doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending your confidential information to an intruder.

    5. Spyware - This sneaky software rides its way onto computers when you download screensavers, games, music, and other applications. Spyware sends information about what you're doing on the Internet to a third-party, usually to target you with pop-up ads. Browsers enable you to block pop-ups. You can also install anti-spyware to stop this threat to your privacy.

    6. DoS - Denial of Service

    7. Logic Bomb - Dormant until an event triggers it (Date, user action, random trigger, etc.).

    29/29

    Legal Stuff

    Intel Copyright Notice: 2014 Intel Corporation

    Confidentiality Notice: OK for Non-NDA Disclosure

    Trademark Notice

    Intel and the Intel logo, are trademarks of Intel Corporation in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others.

    See Trademarks on intel.com for full list of Intel trademarks.

    Intel Product/Roadmap forecast info

    All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps.

    Intel Business forecast info

    Statements in this document that refer to Intel's plans and expectations for the quarter, the year, and the future, are forward-looking statements that involve a number of risks and uncertainties. A detailed discussion of the factors that could affect Intel's results and plans is included in Intel's SEC filings, including the annual report on Form 10-K.

    Intel Business Requirements forecast info

    Any forecasts of goods and services needed for Intel's operations are provided for discussion purposes only. Intel will have no liability to make any purchase in connection with forecasts published in this document.