Has My IoT Device Been Hacked? Establishing Trust w/ Remote Attestation • Edlira Dushku • GOTO 2023
This presentation was recorded at GOTO Aarhus 2023. #GOTOcon #GOTOaar
https://gotoaarhus.com
Edlira Dushku - Assistant Professor in Cyber Security at Aalborg University
RESOURCES
https://linkedin.com/in/edliradushku
ABSTRACT
IoT devices are becoming more prevalent in our daily lives, with applications ranging from smart homes to industrial automation systems. These devices are often connected to sensitive information and resources and are vulnerable to a wide range of security threats. For example, an adversary can use IoT devices to disrupt their operation, steal sensitive information, or gain unauthorized access to resources, and the consequence could be fatal.
Aimed at providing integrity guarantees, Remote Attestation (RA) has been proposed as a security technique that allows a remote entity to verify the trustworthiness of a potentially compromised device. RA checks the software integrity and detects unexpected modifications in device configuration. In particular, RA allows an untrusted device to generate reliable evidence about the current state and convince a remote Verifier that the device is running legitimate software. RA can be used to respond to security threats to minimize the impact of security breaches and ensure that devices are operating securely.
The RA protocols proposed in the literature make different assumptions regarding device architectures, attack scenarios, and security requirements. This talk first gives a brief introduction to IoT security and Remote Attestation. Then, it presents the most significant RA schemes in the IoT domain, including a three-fold discussion, (1) reviewing the working mechanisms of the state-of-the-art RA techniques in the IoT domain, (2) discussing the attestation mechanisms for IoT swarms, (3) presenting future challenges and promising research directions. [...]
TIMECODES
00:00 Intro
01:37 Agenda
02:27 IoT security
12:08 Remote attestation protocols
32:27 Open challenges
39:00 Conclusions
39:54 Outro
Download slides and read the full abstract here:
https://gotoaarhus.com/2023/sessions/2591
RECOMMENDED BOOKS
Aaron Parecki • OAuth 2.0 Simplified • https://amzn.to/2A3IMOf
Aaron Parecki • OAuth 2.0 Servers • https://amzn.to/3ecHEsz
Aaron Parecki • The Little Book of OAuth 2.0 RFCs • https://amzn.to/3i7qnlC
Erdal Ozkaya • Cybersecurity: The Beginner's Guide • https://amzn.to/2T6OIj3
Richer & Sanso • OAuth 2 in Action • https://amzn.to/3hXiAH6
Wilson & Hingnikar • Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0 • https://amzn.to/2U8iLY2
https://twitter.com/GOTOcon
https://www.linkedin.com/company/goto-
https://www.facebook.com/GOTOConferences
#IoT #Security #Cybersecurity #RemoteAttestation #RA #Programming #SoftwareEngineering #EdliraDushku #SecurityByDesign #AdversaryModels #SEDA #Privacy
Looking for a unique learning experience?
Attend the next GOTO conference near you! Get your ticket at https://gotopia.tech
Sign up for updates and specials at https://gotopia.tech/newsletter
SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily.
https://www.youtube.com/user/GotoConferences/?sub_confirmation=1
Видео Has My IoT Device Been Hacked? Establishing Trust w/ Remote Attestation • Edlira Dushku • GOTO 2023 канала GOTO Conferences
https://gotoaarhus.com
Edlira Dushku - Assistant Professor in Cyber Security at Aalborg University
RESOURCES
https://linkedin.com/in/edliradushku
ABSTRACT
IoT devices are becoming more prevalent in our daily lives, with applications ranging from smart homes to industrial automation systems. These devices are often connected to sensitive information and resources and are vulnerable to a wide range of security threats. For example, an adversary can use IoT devices to disrupt their operation, steal sensitive information, or gain unauthorized access to resources, and the consequence could be fatal.
Aimed at providing integrity guarantees, Remote Attestation (RA) has been proposed as a security technique that allows a remote entity to verify the trustworthiness of a potentially compromised device. RA checks the software integrity and detects unexpected modifications in device configuration. In particular, RA allows an untrusted device to generate reliable evidence about the current state and convince a remote Verifier that the device is running legitimate software. RA can be used to respond to security threats to minimize the impact of security breaches and ensure that devices are operating securely.
The RA protocols proposed in the literature make different assumptions regarding device architectures, attack scenarios, and security requirements. This talk first gives a brief introduction to IoT security and Remote Attestation. Then, it presents the most significant RA schemes in the IoT domain, including a three-fold discussion, (1) reviewing the working mechanisms of the state-of-the-art RA techniques in the IoT domain, (2) discussing the attestation mechanisms for IoT swarms, (3) presenting future challenges and promising research directions. [...]
TIMECODES
00:00 Intro
01:37 Agenda
02:27 IoT security
12:08 Remote attestation protocols
32:27 Open challenges
39:00 Conclusions
39:54 Outro
Download slides and read the full abstract here:
https://gotoaarhus.com/2023/sessions/2591
RECOMMENDED BOOKS
Aaron Parecki • OAuth 2.0 Simplified • https://amzn.to/2A3IMOf
Aaron Parecki • OAuth 2.0 Servers • https://amzn.to/3ecHEsz
Aaron Parecki • The Little Book of OAuth 2.0 RFCs • https://amzn.to/3i7qnlC
Erdal Ozkaya • Cybersecurity: The Beginner's Guide • https://amzn.to/2T6OIj3
Richer & Sanso • OAuth 2 in Action • https://amzn.to/3hXiAH6
Wilson & Hingnikar • Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0 • https://amzn.to/2U8iLY2
https://twitter.com/GOTOcon
https://www.linkedin.com/company/goto-
https://www.facebook.com/GOTOConferences
#IoT #Security #Cybersecurity #RemoteAttestation #RA #Programming #SoftwareEngineering #EdliraDushku #SecurityByDesign #AdversaryModels #SEDA #Privacy
Looking for a unique learning experience?
Attend the next GOTO conference near you! Get your ticket at https://gotopia.tech
Sign up for updates and specials at https://gotopia.tech/newsletter
SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily.
https://www.youtube.com/user/GotoConferences/?sub_confirmation=1
Видео Has My IoT Device Been Hacked? Establishing Trust w/ Remote Attestation • Edlira Dushku • GOTO 2023 канала GOTO Conferences
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
10 Learnings From Running Production Infrastructure at Google • Christof Leng • GOTO 2023
How to Scale Everything, Not Just Technology • Lea Medhurst • YOW! 2018
Building a Culture of Experimentation at Pinterest • Andrea Burbank • YOW! 2018
Cost of a Dependency • Lee Campbell • YOW! 2019
Learning from Incidents • Andrew Hatch • YOW! 2019
Don’t Do E2E Testing • Dave Farley • GOTO 2023
Reduce System Complexity with Data-Oriented Programming • Yehonathan Sharvit • GOTO 2023
Concurrency Oriented Programming in a Modern World • Robert Virding & Francesco Cesarini • GOTO 2023
Five Lines of Code • Christian Clausen & Kevlin Henney • GOTO 2023
Shaping Language in Cybersecurity For People • Ceri Jones • GOTO 2023
Simplifying Dev Environments with the Right Tools • Christian Heilmann & Julian Wood • GOTO 2022
Writing For Nerds - Blogging For Fun and (Not Much) Profit • Charles Humble • GOTO 2023
Minimum Viable Architecture • Randy Shoup • YOW! 2022
Protect Your Code with GitHub Security Features • Rob Bos • GOTO 2023
Why Most Data Projects Fail & How to Avoid It • Jesse Anderson • GOTO 2023
Java in the Cloud with GraalVM • Alina Yurenko • GOTO 2023
Sonic Pi - BEAM Up The VJ! • Sam Aaron • GOTO 2023
Typing Is Not The Bottleneck • Damian Maclennan • YOW! 2019
Platform Engineering on Kubernetes • Mauricio Salatino & Thomas Vitale • GOTO 2023
Why Static Typing Came Back • Richard Feldman • GOTO 2022