IoT offers a plethora of new protocols and frequencies over which communication travels. Protocols and services such as SSDP, P25, Zigbee, Z-Wave, WiFi and more provide countless ways to exfiltrate data or infiltrate the network. Through real-world examples, sample code and demos, presenters will bring to light these threats and new methods for detecting aberrant behavior emanating to/from these devices.
Learning Objectives:
1: Gain a better understanding of the many IoT protocols, frequencies and services.
2: Learn how IoT communications can be exploited to exfiltrate your network.
3: Obtain a list of techniques for detecting these aberrant IoT behaviors.
Speakers: Chet Hosmer, Michael Raggo
Chet Hosmer is the Founder of Python Forensics, Inc., a nonprofit organization focused on the collaborative development of open-source investigative technologies using the Python programming language. Hosmer is also the Founder of WetStone Technologies, Inc., and has been researching and developing technology and training surrounding forensics, digital investigation and steganography for over two decades. He is the Author of three recent Elsevier/Syngress Books: Python Passive Network Mapping, Python Forensics, and Data Hiding. Hosmer serves as a Visiting Professor at Utica College where he teaches in the Cybersecurity graduate program. He is also an Adjunct Faculty Member at Champlain College for the master's program in Digital Forensic Science.
Mike Raggo, Chief Security Officer, 802 Secure (CISSP, NSA-IAM, CSI), has over 20 years of security research experience. His current focus is wireless IoT threats impacting the enterprise. Raggo is the Author of Mobile Data Loss: Threats and Countermeasures and Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile Devices and Network Protocols for Syngress Books, and contributing Author for Information Security the Complete Reference 2nd Edition. A former security trainer, Raggo has briefed international defense agencies including the FBI and Pentagon, and is a frequent Presenter at security conferences, including Black Hat, DEF CON, Gartner, DoD Cyber Crime, OWASP, HackCon and SANS.
Detailed Presentation:
Comments