Secure Processing in IOT World
Ismi Abidi
Himani Raina
Omais Shafi
Sonal Swarnima
S. R. Sarangi
In collaboration with Kyushu University, Japan
Introduction
 What is the Internet of Things (IoT)?
  Interconnection and participation of everyday objects via the internet that enables these objects to collect and exchange data.
 In formal terms
  According to Ciccozzi et al.: “IoT is characterized by an unprecedented set of heterogeneous, distributed, and intelligent things such as simple actuators, sensors, and RFID tags, as well as more complex devices such as computers, self-driving vehicles, and autonomous robots.”
IoT World (Anytime, Anything, Anywhere)
 Home: Health, Entertainment, Utilities and appliances, Security
 Users: Personal User, Doctors, Industrialists, Policy Makers
 Transport: Traffic, Parking, Highways, Emergency Services
 Community: Smart Metering, Surveillance, Factory, Environment
 National: Utilities, Smart Grid, Remote Monitoring, Defense, Infrastructure
Motivation
 Key challenges in the IoT World
  Management of heterogeneous data
  Performance
  Potential threat of unauthorized use of consumer data
  Rising security risks
  Limitations of IoT devices (size and processing power) lead to weaker encryption and fewer other power-dissipating security measures
Security Concerns
 Possible Threats and Attacks:
  Sound waves used to trick the accelerometer in IoT devices like Fitbit [Feng et al.]
  Cyber attacks against Dyn, which provides DNS to Reddit and Twitter, were launched using the IoT botnet Mirai
  Former US Vice President Dick Cheney’s doctors disabled his pacemaker’s wireless capabilities to thwart possible assassination attempts
  Insecure routers and webcams
  Vulnerabilities in devices such as security cameras and digital video recorders
  Exploitation of wireless communication for IP-connected security systems and medical devices such as pacemakers and insulin pumps
 Securing IoT using virtualization: Introduction, Threat Model, Proposed Work Flow
 Performance, Security and Power Trade-off: Comparative analysis, Challenges, Proposed Methodology
 Secure Execution of Distributed Systems: Statement, Components, Architecture
Securing IoT devices using Virtualization
Virtualization - A solution
 Virtualization concerns: Performance, Maintenance, Security, Cost
Virtualization - A solution
 Commercial solutions to secure hardware using virtualization
  ARM TrustZone
  Intel Trusted Execution Technology [Greene et al.]
  Intel Software Guard Extension
 (Figure: ARM TrustZone)
VMI: Trusting the hypervisor
 Protection from the hypervisor
  Hypervisor hardening: static code, control flow, non-control data
  Minimize TCB: TCB reduction, moving to hardware (complexity of solutions, less deployability)
 Protection from the Admin VM: move components outside the hypervisor
 Nested virtualization: add another layer before the hypervisor
 HW-assisted solutions: hypervisor-secure virtualization at HW, root-of-trust & remote attestation, protected containers
Related Work
 Smartphone virtualization solutions: Cells, Condroid, Vdroid, Brahma
 Securing mobile devices: AP virtualization; offloading security from a medical device to a new additional PAN security device
 Trusted Execution Environment: TrustZone-based solutions for IoT edge devices, real systems, mission-critical systems
 Sandboxing: Accelerators, GPU, Android Runtime analysis
Threat Models
 A threat model [Sgandurra et al.] consists of:
  Threats
   Attacks: DDoS, privilege escalation, side channel attacks
  Security assumptions
   Basis from which security control is enforced
  Trust assumptions
   Level of trust in the system’s components
   Cloud providers, proofs, assessments
Threat Model: Threats, Security Assumptions, Trust Assumptions
Threats (software and hardware attacks): DoS, DDoS; buffer overflow; man-in-the-middle attack; Bluetooth jamming; TCP/IP hijacking; firmware modifications; attack via ethernet adapter; Blue Pills; privilege escalation; TLB splitting; side channel attacks
Security Assumptions
 Physical level: access to and tampering with the physical system; malicious BIOS / DMA; trusted boot; known hardware specification
 Virtualization level: OS vulnerability; untrusted OS; introspection enabled; configuration interface protection
Trust Assumptions
 Cloud level: nature of the service provider; cloud service model
Proposed Work Flow
 Collection of source code of small devices, then simulation of attacks on the devices, then countermeasures
 Starting point: low power device
  EEMBC benchmarks
  Open source code for medical devices, smart meters, accelerometers, gyroscopes, gesture sensors
 Simulation of attacks
  Identify security and trust assumptions
  Analyze and find backdoors in the source code
  Reverse engineer data flow and control flow
 Countermeasures
  API virtualization
  Lightweight paravirtualization
  Locked communication between two devices
  Virtualizing binary translation
  Machine learning
Solution using Trap to Hardware
 (Diagram components: Source Code, Binary Editor, Device Instrumentation, System call, Network Comm., Trap to Hardware, Log files, Analyzer)
Efficient Remote Attestation
 Intelligent hashing
 Check modification in source code
 Power efficient technique
 (Diagram: Power Efficient Remote Attestation stack: Apps in VM1 and VM2 on top of the Hypervisor and the Hardware)
Implementation Features
 Security, Performance, Portability, Transparency, Limitations
Power, Performance and Security Trade-off
High Power vs Low Power Devices
Issue/Feature              | Server Systems   | IoT devices
Device power               | High             | Low
Resource constrained       | No               | Yes
Use case                   | Homogeneous OSs  | Heterogeneous OSs
Hard real time capability  | No               | Yes
Major hardware ISA         | Intel            | ARM
Challenges: Security, Power, Performance, Cost
Encryption Mechanisms
Comparison of various cryptographic algorithms
Cryptographic algorithm | Throughput (Encryption/Decryption) (MB/s) | Security      | Power
AES                     | 4.17/6.45                                 | Highly Secure | High
DES                     | 4.01/6.35                                 | Medium        | High
3DES                    | 3.45/5.66                                 | Medium        | High
Blowfish                | 25.89/18.72                               | Highly Secure | Low
RC2                     | 3.24/4.98                                 | Low           | High
RC6                     | 7.19/7.43                                 | Medium        | Medium
(Chart: Throughput Analysis: encryption and decryption throughput in MB/s for AES, DES, 3DES, Blowfish, RC2, RC6)
(Chart: Power Analysis: power in µJoule/Byte for AES, DES, 3DES, Blowfish, RC2, RC6)
IoTSim
 IoTSim is capable of modelling the behaviour of a network of IoT nodes embedded with sensors and actuators, integrated with a centralised cloud.
Components of IoT simulator
 Overall simulator design: Cloud, Smart Gateway, Sensor and Actuator network
 Cloud: switches, VMs, storage, hosts; scheduling policies, allocation policies
 Smart Gateway
 IoT Node (Sensor and Actuator network): actuators, sensors, processor
 (Diagram: IoT nodes in a sensor network connected through a repeater to the cloud)
Applications of IoTSim
 Simulate a scenario of smart homes or smart cities, which are gaining momentum in today’s world.
 Simulate a smart parking space and choose the best configuration of all types of devices for actual physical deployment.
Proposed Work Flow
 Characterize an IoT job, run the jobs on IoTSim, then study power, performance and security
Secure Execution in Distributed Systems
Hacking of License Manager
 CPU emulators can be used for dynamically analyzing a binary’s execution
 Strategies to spoof a valid run:
  Control Flow Deviation Analysis: ascertain the difference in the control flow of the application with a valid license key and with an invalid one
  Call Graph Alteration: analyse the call stack of the application; try to skip a correct function or flip a correct branch
Control Flow Deviation Analysis
 (Flowchart: Initialize Application, then License Validation; when a wrong license file is given execution goes to EXIT, when a correct license file is given execution proceeds to Execute Application; the deviation point is labelled "SKIP THE LICENSE CHECK")
Call Graph Alteration (CGA)
 (Diagram: two numbered instruction listings. The first contains func1(), licenseCheck() and func2(), with licenseCheck() marked as the region of interest and a jump that leads to a crash; the second contains foo(), crc_check() and bar(). Labels: "Instructions to be executed in future", "Skipping multiple instructions", "Skipping a single instruction")
Secure Execution
 Securing the control flow of a program (e.g. a license manager)
 Ensure integrity of a binary, its data and its execution irrespective of OS / CPU emulators / VMM
 Generic software-based approach to create secure sandboxes for program execution
 Avoid the high overhead of hardware-based techniques
 Ability to mark parts of software as secure / non-secure
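The block below is an added example (not from the slides) for the first bullet, securing the control flow of a license manager against the branch-skipping described on the CGA slide. It uses a technique the slides do not name: the key that unseals the protected region is derived from the license itself, so neither skipping the validation nor flipping its branch yields the real region. All names, the license value and the toy stream cipher are constructed for the demo.

```python
import hashlib
import hmac

SALT = b"constructed-salt"
VALID_LICENSE = b"constructed-license-token"  # contents of the license file, constructed


def derive_key(license_bytes):
    """Key material is a function of the license, not a constant in the binary."""
    return hashlib.sha256(SALT + license_bytes).digest()


def keystream_xor(key, data):
    """Toy stream cipher for the demo (SHA-256 counter blocks XORed in);
    a real build would seal the region with an authenticated cipher."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


# The protected region (func2 on the CGA slide, constructed here) and the
# artefacts shipped in the binary: a check tag and the region in sealed form.
PLAINTEXT_REGION = b"SECURE-REGION: report meter reading"
CHECK_TAG = hmac.new(derive_key(VALID_LICENSE), b"license-check", hashlib.sha256).digest()
SEALED_REGION = keystream_xor(derive_key(VALID_LICENSE), PLAINTEXT_REGION)
REGION_HASH = hashlib.sha256(PLAINTEXT_REGION).digest()


def license_valid(license_bytes):
    tag = hmac.new(derive_key(license_bytes), b"license-check", hashlib.sha256).digest()
    return hmac.compare_digest(tag, CHECK_TAG)


def run_branch_gated(license_bytes):
    """Boolean-gated form: the region ships in the clear and only this
    branch stands between an invalid license and its execution."""
    if not license_valid(license_bytes):
        return None
    return PLAINTEXT_REGION


def run_key_gated(license_bytes):
    """Key-gated form: the region is unsealed with the license-derived key.
    Skipping the check or flipping the branch below only changes whether
    garbage is returned; the real region appears only for the right key."""
    region = keystream_xor(derive_key(license_bytes), SEALED_REGION)
    if not hmac.compare_digest(hashlib.sha256(region).digest(), REGION_HASH):
        return None
    return region
```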
Secure Execution – Components
 Secure Program Execution builds on:
  Management Protocols: attestation for code integrity
  Root of Trust: H/W coupled secure boot of the application
  Secure IO: secure communication (IPC / Socket), exceptions
  Memory Protection: hardware supported, execution aware security
Secure Execution – Components
 Management Protocols
  Local attestation of the application to ensure code integrity over time
 Root of Trust
  Hardware driven (circuit derived) cryptographic key to ensure secure installation and execution
 Memory Protection
  Execution aware memory protection: modules with security guarantees enforced, independent of OS / VMM
 Secure IO
  Secure communication between secure code running on the same host or on different hosts
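As an added example (not part of the slides) of the challenge/response behind the Efficient Remote Attestation slide and the Management Protocols bullet above: the verifier sends a fresh nonce, the prover hashes its code regions and returns an HMAC over nonce and measurement under a device key, and the verifier recomputes from a golden copy. The shared device key standing in for the root-of-trust key, the region contents, and the option to attest only a subset of regions as the power-saving measure are assumptions made here.

```python
import hashlib
import hmac
import os

# Constructed stand-ins for the firmware regions a prover would measure;
# a real prover hashes code/data pages of its binary instead of byte strings.
GOLDEN_REGIONS = {
    "boot": b"bootloader-code-v1",
    "kernel": b"rtos-kernel-code-v1",
    "app": b"meter-app-code-v1",
}
# Hypothetical shared key: stands in for the circuit-derived key of the
# Root of Trust slide, assumed provisioned to the verifier at manufacture.
DEVICE_KEY = b"constructed-per-device-secret"


def measure(regions, names):
    """Hash each requested region on its own, then hash the (name, digest)
    pairs in a fixed order so region boundaries and order both matter."""
    h = hashlib.sha256()
    for name in sorted(names):
        h.update(name.encode() + b"\x00" + hashlib.sha256(regions[name]).digest())
    return h.digest()


def prover_respond(regions, nonce, names):
    """Prover side: bind the verifier's fresh nonce to the measurement under
    the device key, so a recorded old response cannot be replayed."""
    return hmac.new(DEVICE_KEY, nonce + measure(regions, names), hashlib.sha256).digest()


def verifier_check(golden, response, nonce, names):
    """Verifier side: recompute from the golden regions and compare in
    constant time."""
    expected = hmac.new(DEVICE_KEY, nonce + measure(golden, names), hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)


def attest(device_regions, names=None, nonce=None):
    """One challenge/response round against the golden measurement.
    Attesting only a subset of regions is the power-saving option assumed
    here: the prover hashes just what the verifier asks for."""
    names = list(names or GOLDEN_REGIONS)
    nonce = nonce or os.urandom(16)
    response = prover_respond(device_regions, nonce, names)
    return verifier_check(GOLDEN_REGIONS, response, nonce, names)
```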
Secure Execution – Architecture
 (Diagram components: Secure Application and Normal Application; RTOS / VMM; Secure Memory, Secure Comm., Attester, Secure Install, Key Manager; hardware MPU and CPU)
Thank You