|09:00 to 17:00 GST/GMT+4
|09:00 to 17:00 GST/GMT+4
Today’s Internet of Things (IoT) market is developing rapidly, and presents the security community with a difficult challenge. How do you monitor or limit the dangers that IoT devices can bring to the workplace (and at home), while recognizing the explosion in the market of products to include: kitchen gadgets, watches, web cameras, smart televisions, smart speakers (Alexa, Google Home), Wi-Fi routers, to all forms of consumer and hospital-grade medical devices/equipment, from the “connected car,” and onto Smart Cities and Smart Factories (Industry 4.0).
Basically, if it has an on/off switch, either a consumer or the business wants to give it an IP address, and connect it with other devices or the Internet for monitoring, advertising or the promise of “ easier management.” IoT devices have become an indispensable part of people’s lives, but its threat to your personal/business data, and privacy will continue to grow.
The reality is that IoT devices are here to stay, and their threat will only grow as the line between working from home or at the office continues to blend together. In addition, the threat IoT devices bring to systems that cannot be traditionally monitored, lateral movement after an attack, and the dangers that ransomware also brings to a business means that gaining control of the threat of IoT is something that cannot be ignored.
This course will explain the concept and architecture of IoT devices, and then jump into legit “in the wild” / real hacking techniques and analysis used against real targets. We will also review the real world exploit, as a framework for how these security issues start through development, so that students can get a glimpse of the world of IoT security.
There are a lot of hands- on Lab exercises in this course, which is very suitable for students who want to be taught by hand, and will foster learning from within the course and hands-on instruction, as well as working at home or in your home lab.
• What is IoT? • Exploring OWASP IoT Top 10 • Introduce Attack Vector of IoT devices • Experience and Analyze MQTT protocol (Lab)
• Tool Introduction • Basic ARM Exploitation • Exploit Mitigation Techniques • Bypass Mitigation
• Firmware Analysis Process Overview • Common Firmware Analysis (Static and Dynamic) • Encrypted Firmware Analysis (Static and Dynamic) • Fix Hardware Dependency
• Analyze and Compile IoT Malware • Build IoT Botnet
• Attack Vectors Analysis on Car • Build Car Simulation • Cat Attack Exercise
• Hardware Penetration Testing Overview • Exploit Hardware Debug Ports • Radio Frequency Penetration Testing Overview • Demos