tsensors san diego sandhi bhide - nov 12-13 - final

Context Sensors and Security for Internet of Things

Sandhiprakash Bhide, Director of Innovation, Future

IOT Solutions

Application Ready Platforms Division, IOT Group

Intel Corporation

November 12-13, 2014 Photo Credit: http://www.lapalaparealty.com/wp-content/uploads/2013/01/SanDiego3.jpg

Sandhi Bhide – Intel Corporation, TSensors Summit, San Diego, CA. Nov. 12-13, 2014. © 2014 Intel Corporation, OK for Non-NDA Disclosure


In the E2E IOT value chain, the sensor

node is the most vulnerable point of

attack

2

3


The Connected Home – 1980’s-1990’s

3

Credit of home slides: Raj Samani, McAfee/Intel

4


Typical Connected Home, Year 2013

4

http://www.google.com/imgres?imgurl=http://www.glidemagazine.com/hiddentrack/wp-content/uploads/2012/04/nest-thermostat-img.jpg&imgrefurl=http://www.glidemagazine.com/hiddentrack/technology-tuesday-nest-thermostat/&usg=__6ydV_NJ-sFfue7fAeuY6yByl6YQ=&h=360&w=538&sz=91&hl=en&start=1&sig2=DTsNMaSt72-WsXpia-R-JA&zoom=1&tbnid=B4xvxMmkRdflOM:&tbnh=88&tbnw=132&ei=4xmoT4unEoeYiQKg36yiAg&prev=/search?q=nest+thermostat&um=1&hl=en&rls=com.microsoft:*&tbm=isch&um=1&itbs=1

5



5

http://www.google.com/imgres?imgurl=http://www.glidemagazine.com/hiddentrack/wp-content/uploads/2012/04/nest-thermostat-img.jpg&imgrefurl=http://www.glidemagazine.com/hiddentrack/technology-tuesday-nest-thermostat/&usg=__6ydV_NJ-sFfue7fAeuY6yByl6YQ=&h=360&w=538&sz=91&hl=en&start=1&sig2=DTsNMaSt72-WsXpia-R-JA&zoom=1&tbnid=B4xvxMmkRdflOM:&tbnh=88&tbnw=132&ei=4xmoT4unEoeYiQKg36yiAg&prev=/search?q=nest+thermostat&um=1&hl=en&rls=com.microsoft:*&tbm=isch&um=1&itbs=1

6



6

7



7

8


Life with Desktop, Laptops, Tablets, and Phones

(~1.6B)

8

Internet

Consumer Devices

Malware

Denial of Service

Spoofing

Physical

Viruses

Worm

Trojan Horse

9


What would your life be with 1T sensors + 50B

devices?

9

Lighting

Entertainment

Energy

Security Cameras

Wearables

HVAC

Internet

Appliances

Sensors

Consumer Devices

Embedded Devices

Malware

Denial of Service

Spoofing

Physical

Viruses

Worm

Trojan Horse

10



Most of the 50B devices will be unprotected and

open to getting hacked !! ↓

Loss of economic value & loss of innocence

(opt-in w/o knowing consequences) ↓

How many 20 pages of legal disclaimers will you

read? 10

11


Hackers are already attacking the industrial world

Hackers break into networks of 3 big medical device makers (SF Chronicle, Feb 10, 2014)

Thousands of IoT control systems vulnerable: DHS Study (Info Week, Jan 11 2013)

Underground copper wire heist causes San Jose freeway flood (SJ Mercury News, Feb 28, 2014)

Target hackers broke in via HVAC company (CNBC, Feb 5, 2014)

How Hackers can take control of your Car (EE Times, Jul 8, 2013)

Attack on California substation fuels Grid Security debate (IEEE Spectrum, Feb 2014)

Shamoon [virus] was an external attack on Saudi Oil Production (Info Security magazine, Dec. 10, 2012))

World First Cyber hijack: Was missing Malaysia flight hacked by mobile phone? (Express, March 16, 2014)

12


New Security Threats to Personal IOT Devices

Fridge sending out spam after web attack compromised gadgets. One of > than 100K devices used in spam campaign. (BBC News. Jan 2014)

“Wearable Computing Equals New Security Risks”, (InformationWeek. 13 Jan 2013)

Medical Devices: We’re starting to attach medical devices to electronic health records, and they’re not secure.' (Healthcare IT News. May 2013)

Credit Card Information System: “Target Confirms Point-of-Sale Malware Was Used in Attack” (Security Week. 13 Jan 2014)

Baby Monitor: Hacker takes over baby monitor and shouts obscenities at sleeping child. (ABC News, 13 Aug 2013)

13


Anonymized data may not be as anonymous as is believed. Or it may be now, but not in the future

How To Track Vehicles Using Speed Data

Alone

Carmakers keep data on drivers' locations

FTC Hearing IoT Privacy Concerns

Connected Home Invasion: The Methods

Car insurance companies reduce the cost of insurance by gathering data about a

customer's driving practices

Report finds automakers keeping info about driver’s location. Owners can’t demand that

info is destroyed

Anyone concerned about privacy would be well advised to weigh in on this before the

issue is taken over

No incentive to secure products. With resources better off spending on the features

that consumers want

http://www.technologyreview.com/view/523346/how-to-track-vehicles-using-speed-data-alone/




http://www.detroitnews.com/article/20140107/AUTO01/301070017/1148/rss25

http://www.detroitnews.com/article/20140107/AUTO01/301070017/1148/rss25

http://www.eetimes.com/author.asp?section_id=36&doc_id=1320530&itc=eetimes_sitedefault

http://www.eetimes.com/author.asp?section_id=36&doc_id=1320530&itc=eetimes_sitedefault

http://readwrite.com/2013/12/30/connected-home-invasion-hack-internet-of-things-home-security?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+readwriteweb+(ReadWriteWeb)

http://readwrite.com/2013/12/30/connected-home-invasion-hack-internet-of-things-home-security?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+readwriteweb+(ReadWriteWeb)

14


Access to Electrical Loading can pose a security

threat

14

15


User’s Perspective of Security

Depends end user and the app

15

Person remains

anonymous

unless opted-in

Privacy

Release of

sensitive/ personal

info without

consent

Safety Data Protection

Does not cause

any harm to

people

Data safe from

theft or alteration

Identity

TRUST

16


Levels of Security Risks

1. Criticality: Potential for damage if system is breached.

Damage can be loss of life, financial loss, or

inconvenience

2. Value of target (to hackers): What will hackers go after?

Is it more valuable for the hacker to attack a thermostat

or a financial institution?

3. Value of market: What is the size of market? How much

would market be willing to pay for security?

17


Security necessarily segments the IOT market

• Different usages require different security mechanisms

• Cost sensitivity implies different security controls for different IOT segments, i.e., smart meters

Three types of security technical issues for IOT devices

• How to secure communications?

• How to detect and recover from malware?

• How to defend the physical security of low cost devices?

IOT Security is important

18


Sensor Security Challenge #1

Software-based sensor attack rates rising

• Sensor data left unprotected:

1. By APIs;

2. In system memory (buffers)

• Once access to sensor data is obtained, information can

be directly or indirectly inferred

19



• Users can’t tell if sensors are on/off and cannot control

use

• Sensor data can be faked -- not certified as authentic --

allowing attacks on sensor-data-based uses

20


1. How do we keep the credentials provisioned in IoT

devices secret from attackers with physical access to the

device?

• Important for infrastructure IoT devices but perhaps not

for personal devices

2. How do we detect IOT Device being tampered?

• Most IoT designs today assume device functionality is

immutable

3. What market segments require device hardening from

physical attack (e.g., will vandalism be common in

infrastructure devices)?


21



21

22


Security by creating a Context around Sensors

Soft Sensors Calendar

Preferences

Interests

Location

Local Services

Physical Sensors Gyro

GPS

Accelerometer

Health

Ultrasonic

Temp/Humidity

CO/CO2/NOx

Toxic Gases/HC

Pressure

Proximity

Touch

Light/IR

Audio/Video

Higher

Level of

Security

Sensor 1 Sensor 2 Sensor 3 Sensor 4

Sensor Collaboration

23


Security, Identity, Privacy, and Safety from the

Source to all levels

In-memory

Sensor Data

Sensor Data

in the Storage

Protected

Execution

Environment

Sensor Data

Comms

1. Only Legitimate/Authorized

Users can access

2. Easy to use environment

with policies to control

sensor data processing and

use

3. Scalable platforms and

sensor types

4. Keeping sensor credentials

secret

Sensor Physical Protection

24



In the E2E IOT value chain, the sensor node is the

most vulnerable point of attack

24

Thank you

Photo Credit: https://www.optumhealthsandiego.com/portal/server.pt/gateway/PTARGS_0_84133_2503_436_70295_43/http%3B/upsprodtools -e.uhc.com%3B7087/publishedcontent/publish/ubhp/sandiego/cmscontent/san_diego.jpg

26



Backup

26

27


Glossary of Terms

1. Hacker Attacks: Indicates attacks that are not automated by programs such as viruses, worms, or Trojan

horse programs. There are various forms that exploit weaknesses in security. Many of these may cause

loss of service or system crashes.

2. IP spoofing - An attacker may fake their IP address so the receiver thinks it is sent from a location that it

is not actually from. There are various forms and results to this attack. The attack may be directed to a

specific computer addressed as though it is from that same computer. This may make the computer think

that it is talking to itself. This may cause some operating systems such as Windows to crash or lock up.

Gaining access through source routing. Hackers may be able to break through other friendly but less

secure networks and get access to your network using this method.

3. Session Hijacking - An attacker may watch a session open on a network. Once authentication is

complete, they may attack the client computer to disable it, and use IP spoofing to claim to be the client

who was just authenticated and steal the session. This attack can be prevented if the two legitimate

systems share a secret which is checked periodically during the session.

4. Server spoofing - A C2MYAZZ utility can be run on Windows 95 stations to request LANMAN (in the

clear) authentication from the client. The attacker will run this utility while acting like the server while the

user attempts to login. If the client is tricked into sending LANMAN authentication, the attacker can read

their username and password from the network packets sent.

5. DNS poisoning - This is an attack where DNS information is falsified. This attack can succeed under the

right conditions, but may not be real practical as an attack form. The attacker will send incorrect DNS

information which can cause traffic to be diverted. The DNS information can be falsified since name

servers do not verify the source of a DNS reply. When a DNS request is sent, an attacker can send a false

DNS reply with additional bogus information which the requesting DNS server may cache. This attack can

be used to divert users from a correct webserver such as a bank and capture information from customers

when they attempt to logon.

27

28


Glossary of Terms

1. Password cracking - Used to get the password of a user or administrator on a network and gain

unauthorized access.

2. Viruses - This type of malicious code requires you to actually do something before it infects your

computer. This action could be opening an email attachment or going to a particular web page. It

reproduces itself by attaching to other executable files.

3. Worms - Worms propagate without your doing anything. They typically start by exploiting a software

vulnerability (a flaw that allows the software's intended security policy to be violated). Then once the victim

computer has been infected, the worm will attempt to find and infect other computers. Similar to viruses,

worms can propagate via email, web sites, or network-based software. The automated self-propagation of

worms distinguishes them from viruses. Self-reproducing program. Creates copies of itself. Worms that

spread using e-mail address books are often called viruses.

4. Trojan horses - A Trojan horse program is software that claims to do one thing while, in fact, doing

something different behind the scenes. For example, a program that claims it will speed up your computer

may actually be sending your confidential information to an intruder.

5. Spyware - This sneaky software rides its way onto computers when you download screensavers, games,

music, and other applications. Spyware sends information about what you're doing on the Internet to a

third-party, usually to target you with pop-up ads. Browsers enable you to block pop-ups. You can also

install anti-spyware to stop this threat to your privacy.

6. DoS- Denial of Service

7. Logic Bomb - Dormant until an event triggers it (Date, user action, random trigger, etc.).

28

29


Legal Stuff

Intel Copyright Notice © 2014 Intel Corporation

Confidentiality Notice: OK for Non-NDA Disclosure

Trademark Notice

Intel and the Intel logo, are trademarks of Intel Corporation in the U.S. and/or other countries. *Other names and brands

may be claimed as the property of others.

See Trademarks on intel.com for full list of Intel trademarks.

Intel Product/Roadmap forecast info

All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest

Intel product specifications and roadmaps.

Intel Business forecast info

Statements in this document that refer to Intel’s plans and expectations for the quarter, the year, and the future, are

forward-looking statements that involve a number of risks and uncertainties. A detailed discussion of the factors that

could affect Intel’s results and plans is included in Intel’s SEC filings, including the annual report on Form 10-K.

Intel Business Requirements forecast info

Any forecasts of goods and services needed for Intel’s operations are provided for discussion purposes only. Intel will

have no liability to make any purchase in connection with forecasts published in this document.

http://www.intel.com/sites/corporate/tradmarx.htm

tsensors san diego sandhi bhide - nov 12-13 - final

Documents