
ELEC S348F IoT Security
Lecture 4: The IoT Device Layer Attack Surface
Lecturer: Tabitha Tao

Chapter 4 - Sections & Objectives
▪ 4.1 Vulnerabilities and Attacks at the Hardware Layer
○ Hardware Vulnerabilities
○ Firmware Vulnerabilities
▪ 4.2 Threat Mitigation of the Physical Device
○ Network Access Control Concepts
○ Encryption
▪ 4.3 Wireless Protocol Overview
○ Bluetooth
○ Wi-Fi
○ IEEE 802.15.4

4.1 Vulnerabilities and Attacks at the Hardware Layer

Hardware Security: Physical Vulnerabilities of Constrained Devices
▪ Constrained devices are often placed in remote locations where physical security may be difficult to implement.
▪ Potential vulnerabilities:
○ Theft of the device.
○ Physical damage to the device.
○ Disabling the device by removing its power source.
○ Disabling communication by disconnecting cables or other means of disruption.
▪ Provide a tamper-proof or tamper-resistant housing.

Hardware Security: Physical Device Security
▪ Sensor: if it is moved it may lose calibration. Many smart sensors can trigger an alarm when they are not in proper adjustment.
▪ SD card: data can be stolen or destroyed by an attacker.
▪ Standard surveillance and security protocols should be implemented as a first layer of defense.
▪ You should always have access to the device.
▪ Implement battery backup to power IoT devices in case of power outages.

Hardware Security: Hardware Vulnerabilities
▪ Wired magazine published an article in August 2017 describing how to gain access to the firmware on numerous IoT devices using the eMMC flash and a $10 SD card reader. By soldering five wires to the eMMC flash chip and using a standard SD card reader, the attacker was able to retrieve the firmware, operating system and software on the chip and save them to a PC. Once copied, the software can be examined for code vulnerabilities.
▪ Hardware vulnerabilities include:
○ Shell access via the UART connection on an IoT doorbell.
○ UART hack: a smart refrigerator provided access to a root shell when the system was rebooted.
Hardware Security: Hardware Vulnerabilities
▪ Other devices with hardware-based vulnerabilities that have been exploited include:
○ Blu-ray players
○ Cameras
○ Home automation devices
○ Media players
○ Music players
○ NAS devices
○ Printers
○ Televisions
○ VoIP hardware
○ Medical devices
○ Networking devices
○ Android TV devices

Hardware Security: Lab – Investigate the FCC Database

Firmware Vulnerabilities
▪ IoT devices require firmware to run.
▪ Firmware: embedded software that contains a minimal operating system and related programs.
▪ Security vulnerabilities: firmware-related vulnerabilities for IoT devices are similar to those of other computers or networking devices.

Firmware Vulnerabilities (Cont.)
▪ These vulnerabilities include the following:
○ Default login credentials: the default login credentials were not changed (e.g. admin/admin). Change usernames and passwords to meet strong criteria before connecting the device.
○ Distributed Denial of Service (DDoS) attacks: these require botnets of infected systems. Hackers use automated scripts to log into remote devices and copy the infected software onto them.
○ Out-of-date firmware: a hacker will usually check whether the firmware is out of date or look for unpatched exploits.

Firmware Vulnerabilities (Cont.)
▪ These vulnerabilities include the following:
○ Buffer overflow attacks: if the programmer does not account for the appropriate size of the input, the result can be corrupt data, a denial of service, or malicious code running on the target system.
○ Backdoor installation: after the attacker gains remote access, the attacker could run the netcat command and execute malicious commands remotely. Network diagnostic and testing tools left on a device make it more exploitable if unauthorized entry occurs.

Firmware Update Issues
▪ Updating IoT firmware and installing patches to fix security vulnerabilities are critical components of network security.
▪ IoT security has not kept up with the growth rate of IoT devices:
○ Patches do not exist for some security vulnerabilities.
○ The device may not be updatable or patchable.
▪ IoT devices in an organization might number in the thousands or tens of thousands. Verifying the source of upgrades and patches at that scale is a real challenge.

Firmware Update Solutions
1. Keep a database of IoT devices and their firmware information.
2. Update firmware as soon as new releases come out.
3. Check the manufacturer's website for updates on a regular basis.
4. Monitor or subscribe to security vulnerability services.
5. Have an automatic system for updating firmware and installing security patches.
6. Make sure any firmware updates or patches are digitally signed and verified before installing.

Rooting an OS
▪ Rooting an IoT device: the attacker followed a process that successfully granted him root access.
▪ Root access provides the attacker complete control over that device.
▪ JTAG and UART interfaces are common attack vectors for gaining root access to the device. Through them an attacker can read the device's memory and modify the firmware, look for vulnerabilities and introduce new security holes.

4.2 Threat Mitigation of the Physical Device

Network Access Control Concepts: Access Control Models
▪ Different basic access control models:
○ Mandatory access control (MAC) - the strictest access control, used in military or mission-critical applications; provides users with access based on their security clearance level.
○ Discretionary access control (DAC) - allows users to control access to their data as owners of that data.
○ Non-discretionary access control - based on an individual's roles and responsibilities within the organization.
○ Attribute-based access control (ABAC) - based on attributes of the object (resource), the subject (user) accessing the resource, and environmental factors regarding how the object is to be accessed, such as time of day.
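To make the last model concrete, the Go program below evaluates requests against a small ABAC policy that combines subject, resource and environment attributes (including time of day) and refuses anything no rule explicitly grants. It is an added example written for this edit, not material from the lecture slides; the roles, sites, resource names and timestamps are constructed for illustration.

```go
package main

import (
	"fmt"
	"time"
)

// Attribute sets for the three inputs an ABAC decision looks at.
// All names and values are constructed for this example.
type Subject struct {
	ID   string
	Role string
	Site string
}

type Resource struct {
	Name        string
	Owner       string
	Site        string
	Sensitivity int // 0 = public ... 3 = restricted
}

type Environment struct {
	Now     time.Time
	FromLAN bool // request arrived over the local plant network, not the internet
}

type Request struct {
	Subject  Subject
	Action   string
	Resource Resource
	Env      Environment
}

// A Rule can only grant. There is no deny rule: anything not explicitly
// granted is refused, so the policy is least-privilege by default.
type Rule struct {
	Name   string
	Permit func(Request) bool
}

func businessHours(t time.Time) bool {
	h := t.Hour()
	return h >= 8 && h < 18
}

// Policy: note that a role on its own is never sufficient; each rule also
// looks at resource and environment attributes.
var Policy = []Rule{
	{"owner-full-access", func(r Request) bool {
		return r.Subject.ID == r.Resource.Owner
	}},
	{"technician-reads-own-site-in-hours", func(r Request) bool {
		return r.Subject.Role == "technician" && r.Action == "read" &&
			r.Subject.Site == r.Resource.Site &&
			businessHours(r.Env.Now) && r.Env.FromLAN
	}},
	{"auditor-reads-low-sensitivity", func(r Request) bool {
		return r.Subject.Role == "auditor" && r.Action == "read" &&
			r.Resource.Sensitivity <= 1
	}},
}

// Decide returns whether the request is granted and which rule decided it;
// "default-deny" means no rule matched.
func Decide(rules []Rule, req Request) (bool, string) {
	for _, rule := range rules {
		if rule.Permit(req) {
			return true, rule.Name
		}
	}
	return false, "default-deny"
}

func main() {
	sensorLog := Resource{Name: "sensor-log", Owner: "alice", Site: "plant-1", Sensitivity: 2}
	bob := Subject{ID: "bob", Role: "technician", Site: "plant-1"}
	day := time.Date(2024, 1, 15, 10, 0, 0, 0, time.UTC)   // constructed timestamps
	night := time.Date(2024, 1, 15, 23, 0, 0, 0, time.UTC)

	for _, req := range []Request{
		{bob, "read", sensorLog, Environment{day, true}},    // granted
		{bob, "read", sensorLog, Environment{night, true}},  // denied: out of hours
		{bob, "read", sensorLog, Environment{day, false}},   // denied: not from LAN
		{bob, "write", sensorLog, Environment{day, true}},   // denied: action not granted
		{Subject{"alice", "technician", "plant-2"}, "write", sensorLog, Environment{night, false}}, // granted: owner
	} {
		ok, why := Decide(Policy, req)
		fmt.Printf("%s %s %s at %02d:00 -> %v (%s)\n",
			req.Subject.ID, req.Action, req.Resource.Name, req.Env.Now.Hour(), ok, why)
	}
}
```

The same technician is granted or refused the same resource depending only on the environment attributes, which is what distinguishes ABAC from a pure role-based decision. Returning the deciding rule name is worth keeping in real systems because it is what an analyst needs in the log when reviewing why access was allowed.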
▪ Principle of least privilege - users should be granted the minimum amount of access required to perform their work function. Privilege escalation exploits circumvent this principle.

Network Access Control Concepts: OAuth 2.0 Authorization Framework
▪ The OAuth 2.0 Authorization Framework is a standardized protocol for internet-based authentication and authorization.
▪ It can be used for access control of IoT devices to make them more secure by having a server handle the authorization of resources.

OAuth 2.0 Authorization Framework (Cont.)
1. The client sends an authorization request to the resource owner.
2. The resource owner sends back an authorization grant to the client.
3. The client sends the authorization grant to the authorization server, requests an access token, and tries to authenticate.
4. The authorization server validates the authorization grant and sends an access token back to the client.
5. The client sends the access token to the resource server to make a resource request.
6. The resource server allows access to the requested resource.

Encryption: Data and Password Security
▪ Encryption ensures data confidentiality.
▪ Encrypting means applying an algorithm to data that makes it unreadable to those who are not authorized to see the information.
▪ What should be encrypted: passwords and sensitive information.
▪ Encryption for IoT data is critical because the information being transmitted could contain sensitive information.
▪ IoT devices are vulnerable because many older IoT devices currently in production do not support encryption.

Encryption: Public Key Cryptography
▪ Cryptography
▪ Symmetric cryptography - the sender uses the secret key to encrypt the message, and the receiver uses the same secret key to decrypt the message. Challenge: secure key management.
▪ Public-key cryptography was introduced in 1976 by Whitfield Diffie and Martin Hellman in order to solve the secure key management problem.
▪ Pair of keys: public key and private key - the public key is published while the private key is kept secret.

Encryption: Authorities and the PKI Trust System
▪ A Public Key Infrastructure (PKI) with its Certificate Authority (CA) is needed to support large-scale distribution and identification of public encryption keys.
○ PKI Certificate – certificates contain an entity's or individual's public key.
○ Certificate Store – resides on a local computer and stores issued certificates and private keys.
○ PKI Certificate Authority – signs these certificates using its private key.
○ Certificate Database – stores all the certificates issued by the CA.

Encryption: Authorities and the PKI Trust System (Cont.)
▪ Bob has received his digital certificate from the CA. This certificate is used whenever Bob communicates with other parties.
▪ Bob communicates with Alice.
▪ When Alice receives Bob's digital certificate, she communicates with the trusted CA to validate Bob's identity.
▪ Challenge: doing this for a large number of IoT devices is time-consuming and may be impossible to manage as more devices are added.

4.3 Wireless Protocol Overview
▪ Bluetooth
▪ Wi-Fi
▪ IEEE 802.15.4

Wireless Protocols: Who is Bluetooth?
▪ Harald Bluetooth

Wireless Protocols: Bluetooth History
▪ Initially developed by Dr. Jaap Haartsen at Ericsson in 1994
▪ Bluetooth 1.0 released in 1999
○ The first mobile device launched on the market was the Sony Ericsson T36
▪ Bluetooth 2.0 released in 2004
▪ Bluetooth 3.0 released in 2009
▪ Bluetooth 4.0 released in 2010
▪ Bluetooth 5.0 released in 2016
▪ Bluetooth 5.2 released in 2020

Wireless Protocols: Bluetooth Network Topology
▪ Piconet
○ A master can connect to 7 simultaneous or 200+ active slaves per piconet
○ Unique hopping pattern/ID
▪ Scatternet
○ High capacity system
○ Minimal impact with up to 10 piconets within range

Bluetooth Network Topology: Piconet
▪ Connected in an ad hoc fashion
▪ One master and the others are slaves
▪ Each piconet has a unique frequency hopping pattern, decided by the master
▪ One master, up to 7 simultaneous slaves, up to 255 parked slaves

Bluetooth Network Topology: Forming a Piconet
▪ The master gives the slaves its clock and device ID:
○ The hopping pattern is determined by the device ID
○ The phase in the hopping pattern is determined by the clock
▪ Addressing:
○ Active Member Address (AMA, 3 bits)
○ Parked Member Address (PMA, 8 bits)

Bluetooth Network Topology: Scatternet
▪ Linking of multiple co-located piconets through the sharing of common master or slave devices.
▪ A device can participate in multiple piconets
▪ A device can be a slave in one piconet and master of another
▪ It must synchronize to the master of the current piconet

Wireless Protocols: Bluetooth Address
▪ NAP: Non-significant Address Part (2 bytes). Contains the first 16 bits of the OUI. Used in Frequency Hopping Synchronization frames.
▪ UAP: Upper Address Part (1 byte). Contains the remaining 8 bits of the OUI. Used for seeding in various Bluetooth specification algorithms.
▪ LAP: Lower Address Part (3 bytes), allocated by the vendor of the device. Identifies a Bluetooth device as part of the Access Code in every transmitted frame.

Wireless Protocols: Bluetooth States in the Connection Process
1. Inquiry -- try to discover the other devices
2. Paging (Connecting) -- forming a connection between two Bluetooth devices; requires the address found in the inquiry process
3. Connection -- the device enters the connection state:
○ Active Mode -- regular connected mode, where the device is actively transmitting or receiving data.
○ Sniff Mode -- power-saving mode, where the device is less active. It sleeps and only listens for transmissions at a set interval (e.g. every 100 ms).
○ Hold Mode -- temporary power-saving mode. The device sleeps for a defined period and then returns to active mode. The master can command a slave device to hold.
○ Park Mode -- the deepest sleep mode. A master can command a slave to "park", and that slave becomes inactive until the master wakes it up.

Bluetooth Radio Layer
▪ Bluetooth operates in the 2.4 GHz ISM band. This is unlicensed but shared with other applications (Wi-Fi, baby monitors, microwave ovens, etc.).
▪ To ensure robustness to interference, signals are transmitted using a technique called Frequency Hopping Spread Spectrum (FHSS): each transmission takes place on a different channel, and peers switch rapidly between them.

Wireless Protocols: Bluetooth Radio Layer
▪ 79 channels of 1 MHz width, up to 1600 hops/sec
▪ Pseudo-random hopping sequence dictated by the master, derived from the master clock and part of the master device address, following a set of XOR and permutation operations
▪ Slot duration: 625 µs. A packet may occupy 1, 3, or 5 slots.

Bluetooth Link Layer
▪ Data are preceded by a 72-bit Access Code and a 54-bit Header, always transmitted at the basic rate (1 Mb/s)
▪ 16-bit CRC computed on the payload
▪ Payload and Header are scrambled with a 'whitening' word (a linear feedback shift register initialised with a portion of the master clock); the idea is to avoid long sequences of all-zero/all-one bits
▪ Sync Word: includes the Bluetooth Address

Bluetooth frame format

Exercise
A slave wants to transmit 450 bytes of information using Bluetooth basic rate @ 1 Mb/s. How long will it take?
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Exercise (solution)
Packet length: 72 b (access code) + 54 b (header) + 450*8 b (payload) + 16 b (CRC) = 3,742 b
At 1 Mb/s this would require 3,742 µs.

Exercise (cont.)
Slot size is 625 µs; a transmission can occupy 1, 3, or 5 slots, that is 625, 1875, or 3125 µs. The packet cannot fit in 5 slots.
How much information can you put into 5 slots then? 3,125 b – 72 b – 54 b – 16 b = 2,983 b, BUT the maximum payload is 2744 b.
So you need another transmission for 450*8 - 2744 = 856 b of data. With access code, header and CRC this comes to 998 b, which is more than 1 slot but less than 3.
In one slot you can put 625 – 72 – 54 – 16 = 483 b.

Exercise (cont.)
First transmission: 5 slots (2,744 b) – 3,125 µs
Master polls – 625 µs
Second transmission: 1 slot (483 b) – 625 µs
Master polls – 625 µs
Third transmission: 450*8 - 2744 - 483 = 373 b. Add access code, header and CRC -> 72 + 54 + 373 + 16 = 515 b -> 515 µs
Total: 3,125 + 625*3 + 515 = 4,265 µs

Wireless Protocols: Bluetooth Low Energy (BLE)
▪ Many similarities, but also a couple of differences
▪ Master == Central; Slave == Peripheral
▪ 40 channels, 2.4 GHz radio frequency
▪ The LE version provides much-reduced power consumption without sacrificing range.

BLE Connection Set-up
▪ Device discovery is much faster (periodic advertisement interval between 20 ms and 10.24 s, plus a random delay between 0 and 10 ms to avoid collisions)
▪ Four types of advertisement packets:
○ ADV_IND – used by a peripheral to request a connection from any central device
○ ADV_DIRECT_IND – connection request directed at a specific central device.
○ ADV_NONCONN_IND – non-connectable devices advertising information to any listening device (beacons)
○ ADV_SCAN_IND – similar to ADV_NONCONN_IND, with optional additional information via scan responses.

Wireless Protocols: BLE Connection Set-up
1. If a connection request is accepted, a hop increment is agreed and the two peers hop accordingly, by adding the increment to the current channel index.
2. A channel map can also be agreed, i.e. some channels can be avoided.
3. The central also assigns a (private) address to a connecting peripheral, which is generated randomly.
4. This access address uniquely identifies the physical channel between the two devices.
5. The hopping interval can also be renegotiated after connection set-up (energy saving).

Wireless Protocols: Wi-Fi
▪ IEEE 802.11: the working group responsible for developing wireless LAN protocols - many standards
▪ Basic Service Set (BSS): the smallest building block
▪ BSSs are connected via APs (access points)
▪ Extended Service Set (ESS): two or more BSSs

Wireless Protocols: Wi-Fi Security
▪ Wired Equivalent Privacy (WEP)
▪ Wi-Fi Protected Access (WPA)
▪ WPA2
▪ Security level: WEP < WPA < WPA2

WEP - Wired Equivalent Privacy
▪ The original native security mechanism for WLANs, providing security through an 802.11 network
▪ Used to protect wireless communication from eavesdropping (confidentiality)
▪ Prevent unauthorized access to a wireless network (access control)
▪ Prevent tampering with transmitted messages
▪ Provide users with the equivalent level of privacy built into wired networks.

Wireless Protocols: WEP - Wired Equivalent Privacy
▪ Weak keys: allow an attacker to discover the default key being used by the Access Point and client stations. This enables an attacker to decrypt all messages being sent over the encrypted channel.
▪ IV (initialization vector) reuse and small size: there are only 2^24 different IVs. On a busy network the IV will surely be reused; if the default key has not been changed, the original message can be retrieved relatively easily.
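Because the WEP IV is transmitted in the clear, the reuse problem above can be checked from the monitoring side without knowing the key, and the size problem can be quantified. The Go program below is an added example written for this edit, not code from the lecture: it parses the WEP frame-body layout defined in the 802.11 standard (a 3-byte IV followed by a byte whose top two bits select one of the four default keys), flags any IV repeated under the same key index, and computes how fast the 24-bit IV space is used up for random and for sequential IVs. The frame bodies are constructed for the example.

```go
package main

import (
	"errors"
	"fmt"
	"math"
)

// WEP frame body: 3-byte IV, then a byte whose top two bits are the default
// key index, then the RC4-encrypted payload and ICV. Only the first four
// bytes are needed here and they are never encrypted.
const ivBits = 24

var ErrShortFrame = errors.New("frame body shorter than the WEP IV header")

// IVTracker records IVs seen per key index. The key, not the sender, is
// what matters: every station using default key k derives its keystream
// from (IV, k), so an IV repeated by any of them repeats the keystream.
type IVTracker struct {
	seen [4]map[uint32]int
}

func NewIVTracker() *IVTracker {
	t := &IVTracker{}
	for i := range t.seen {
		t.seen[i] = make(map[uint32]int)
	}
	return t
}

// Observe parses the IV and key index from one frame body and reports
// whether that IV has already been seen under that key.
func (t *IVTracker) Observe(body []byte) (iv uint32, keyID int, reused bool, err error) {
	if len(body) < 4 {
		return 0, 0, false, ErrShortFrame
	}
	iv = uint32(body[0])<<16 | uint32(body[1])<<8 | uint32(body[2])
	keyID = int(body[3] >> 6)
	reused = t.seen[keyID][iv] > 0
	t.seen[keyID][iv]++
	return iv, keyID, reused, nil
}

// ExpectedFramesUntilRandomReuse: with IVs drawn at random, the birthday
// bound puts the expected first repeat near sqrt(pi/2 * 2^bits).
func ExpectedFramesUntilRandomReuse(bits int) float64 {
	return math.Sqrt(math.Pi / 2 * math.Exp2(float64(bits)))
}

// SecondsUntilCounterWraps: with a sequential IV counter every value is
// used once, so the space is exhausted after 2^bits frames.
func SecondsUntilCounterWraps(bits int, framesPerSecond float64) float64 {
	return math.Exp2(float64(bits)) / framesPerSecond
}

func main() {
	// Constructed frame bodies: IV || key-index byte || dummy ciphertext.
	frames := [][]byte{
		{0x00, 0x00, 0x01, 0x00, 0xde, 0xad},
		{0x00, 0x00, 0x02, 0x00, 0xbe, 0xef},
		{0x00, 0x00, 0x01, 0x00, 0xca, 0xfe}, // IV 0x000001 again under key 0
		{0x00, 0x00, 0x01, 0x40, 0xf0, 0x0d}, // same IV but key index 1: different keystream
		{0x01, 0x02},                         // truncated capture
	}
	tr := NewIVTracker()
	for _, f := range frames {
		iv, k, reused, err := tr.Observe(f)
		if err != nil {
			fmt.Println("skipped:", err)
			continue
		}
		fmt.Printf("iv=%06x key=%d reused=%v\n", iv, k, reused)
	}
	fmt.Printf("random IVs: expect a repeat after ~%.0f frames\n", ExpectedFramesUntilRandomReuse(ivBits))
	fmt.Printf("sequential IVs at 1000 frames/s: wrap after %.0f s\n", SecondsUntilCounterWraps(ivBits, 1000))
}
```

The two figures are the point: randomly chosen IVs are expected to collide after only about five thousand frames, and even a perfectly sequential counter wraps in under five hours at a thousand frames per second. Either way the shared default key sees keystream reuse on a busy network, which is why the lecture ranks WEP below WPA and WPA2.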
Wireless Protocols: Wi-Fi Protected Access (WPA)
▪ Replacement for the security flaws of WEP
▪ Improved data encryption
▪ Strong user authentication
▪ Because of the many attacks related to a static key, WPA minimizes the use of the shared secret key by rekeying in accordance with the frame transmission
▪ Uses the RC4 algorithm in a proper way and provides fast transfer of the data before someone can decrypt it.

WPA2 - Wi-Fi Protected Access 2
▪ 2 versions: Personal & Enterprise
▪ The primary enhancement over WPA is the use of the AES (Advanced Encryption Standard) algorithm
▪ AES or TKIP (Temporal Key Integrity Protocol)
▪ Personal mode uses a PSK (pre-shared key) and does not require a separate authentication of users
▪ Enterprise mode requires the users to be separately authenticated using the EAP protocol

Wireless Protocols: IEEE 802.15.4 Overview
▪ The computational and operating power constraints of many IoT things required new wireless protocols to be developed to enable things to communicate on networks.
▪ IEEE 802.15.4 protocol
○ The IEEE 802.15.4 protocol was originally developed for use in personal area networks (PANs).
○ 802.15.4 consists of media access layer (MAC) and physical layer (PHY) specifications.

Wireless Protocols: IEEE 802.15.4 Device Roles
▪ Full Function Device (FFD) – can operate as a PAN coordinator and communicate with any other device.
▪ Personal Area Network (PAN) Coordinator - one FFD is designated as the PAN coordinator for the WSN.
▪ Reduced Function Device (RFD) – simple devices that can only communicate with FFDs or the PAN coordinator. RFDs can never act as the coordinator.

Wireless Protocols: IEEE 802.15.4 Topologies
▪ Star Topology
▪ Mesh Topology
▪ Cluster Tree

IEEE 802.15.4 Topologies: Star Topology
○ All devices communicate with the PAN coordinator
○ PAN coordinator: fixed power supply
○ Other devices: battery powered

IEEE 802.15.4 Topologies: Mesh Topology
○ Any device can communicate with any other device in range
○ Ad hoc, self-organizing, and self-healing

IEEE 802.15.4 Topologies: Cluster Tree Topology
○ Most devices are FFDs
○ RFDs connect as leaf nodes at the end of a branch
○ Any of the FFDs can act as a coordinator and provide synchronization services
○ Only one PAN coordinator

Wireless Protocols: IEEE 802.15.4 Security
▪ Access control prevents unauthorized devices from joining the network.
▪ 802.15.4 uses symmetric key ciphers for encryption. Symmetric keys are less secure than asymmetric, or public key, cryptography.
▪ Message integrity protects against alteration of data while it is in transit by using a cryptographic key.
▪ Message confidentiality prevents threat actors from reading the transmitted data.
▪ Replay protection: legitimate messages can be captured and sent out on the network at a later time.

Wireless Protocols: Mesh Protocols that use 802.15.4
▪ 6LoWPAN – this protocol provides IPv6 services to low power devices in PANs. It can be added to other protocol stacks such as Zigbee and Thread. It provides header compression and IPv6 addressing services.
▪ WirelessHART – an international wireless specification (IEC 62591) for the Industrial Internet of Things (IIoT).
▪ ISA 100.11a – this is a U.S. standard for communication on the IoT. It does not stipulate an application layer and uses 6LoWPAN and User Datagram Protocol (UDP) for its network and transport layers.

Wireless Protocols: Other Wireless Options
▪ Other wireless protocols have been developed that support low power wide area networks (LPWAN).
▪ LoRa is one of a number of LPWAN technologies and has become popular due to its low cost and wide implementation.
▪ LoRaWAN - The Things Network is an international organization which enables development of IoT proof-of-concept systems using the LoRa radio physical layer and the LoRaWAN data link and network layer elements of the protocol stack. The Things Network encourages individuals to create and maintain their own LoRaWAN gateways.
▪ Cellular - Cellular data standards, known as 3GPP, are implemented to extend IoT networks, but with devices that have a fixed power supply. Current cellular data services are not well suited to IoT applications due to power constraints. The fifth generation (5G) cellular specifications include LTE Advanced for Machine-Type Communication (LTE MTC). This technology includes features that greatly improve power consumption while providing simplified device capability for small periodic data transmission. Narrowband IoT (NB-IoT) is a low-power, low-bandwidth protocol especially for indoor applications. It uses a portion of a wireless LTE carrier's frequency spectrum.

4.4 Chapter Summary

Summary (Cont.)
▪ Network access control concepts
○ A security analyst should understand the different basic access control models to have a better understanding of how attackers can break the access controls.
○ The OAuth 2.0 Authorization Framework can be used for access control of IoT devices to make them more secure by having an authorization server handle the authorization of resources.
○ IoT device identity management should handle IoT device access to other information from other resources in addition to handling access to that device's resources.
▪ Encryption
○ Encryption for IoT data is critical because some of the information being transmitted could be sensitive.
○ Most IoT devices do not have the processing power or resources necessary for the more robust encryption algorithms.
○ Implementing public key cryptography into IoT devices is the recommended method to ensure IoT device security.
○ PKI is used to prove the identity of the IoT device.

Summary
▪ 4.1 Vulnerabilities and Attacks at the Hardware Layer
○ Hardware Vulnerabilities
○ Firmware Vulnerabilities
▪ 4.2 Threat Mitigation of the Physical Device
○ Network Access Control Concepts
○ Encryption
▪ 4.3 Wireless Protocol Overview
○ Bluetooth
○ Wi-Fi
○ IEEE 802.15.4
