6/3 物聯網資安

--- tags: 資安演講,物聯網資安 --- # 6/3 物聯網資安 [TOC] :::info ❤歡迎各位參與共筆的製作❤ 講師:國立台灣科技大學-黃琴雅教授 ::: :::info ### Reference Paper #### Smart city Access Control https://ieeexplore.ieee.org/document/9238038 https://ieeexplore.ieee.org/document/8016287 #### GPS Security https://www.usenix.org/conference/usenixsecurity22/presentation/sathaye #### Health Security https://ieeexplore.ieee.org/document/8334589 https://ieeexplore.ieee.org/document/6805138 https://ieeexplore.ieee.org/document/7478582 #### Automated control systems https://ieeexplore.ieee.org/document/5601490 #### 5G IoT Security https://ieeexplore.ieee.org/document/9945850 #### jamming Attack https://ieeexplore.ieee.org/abstract/document/9733393/?casa_token=oFo1Np2chFYAAAAA:ptoPWqSt-kd-0nWjsH-sYskmLIj3cA7BgJsqvbFMBZFbE2cNbe4BmtmRT3Oik1yMVjwonHeV-IA https://ieeexplore.ieee.org/abstract/document/5343062/?casa_token=xDYSF9ryy_IAAAAA:xtk66WEtKtiZWaLGnmiRGoG-LdWtl7ftHZoTT1d7l7U66iJnEbnQph7S6r4nBcdernNuD2rczZA https://ieeexplore.ieee.org/abstract/document/1637931/?casa_token=sCIju_U_n2cAAAAA:LGNvBu-y8VR7KXyIbR-AAOXi1oXNzP4NdRKrSNeU7U4d7RXq46tK8pOOHt-YOfniwCIyFHgMR_Y ::: ---- ## 物聯網在生活中的應用 1. (Wearables)穿戴式裝置 2. (Building & Home Automation)智慧家庭/智慧建築 3. (Smart Cities)智慧城市 4. (Smart Manufacturing)智能製造 5. (Health Care) 健康管理 6. (Automotive) 自動駕駛 ![](https://hackmd.io/_uploads/Sk9aemOI3.jpg) ## 物聯網產業 IoT Industrial - Control Center - Wi-Fi - Sensor ## 物連網架構 IoT Architectures - **three layers** - application(樹葉) - inernet/network(樹幹) - devices/things(樹根) ## 低功耗廣域網路 Low power wide area network （LPWAN） **物聯網的通信要求 The communication requirements of IoTs** - low power - large coverage **Low power wide area network(LPWAN)** - LoRaWAN 以lora為機制的廣域傳輸網路 - NB-IoT 電信網路 - other picture endnodes->gateways<->networkserver<->application server star topology network / wired network backhaul sensor node將偵測到的訊息透過iot gateway傳輸到cloud ![](https://hackmd.io/_uploads/Byhcsmd83.jpg) ## LoRaWAN **LoRaWAN Architecture** - end nodes - gateway - network server - application server **Transmission Spec** - Frequency Shift Keying(FSK) - 0.3-50Kbps - Three bandwidth(BW):125,250,500kHz - 6 orthogonal spreading factors(SFs) - Max transmission power(TP):20dB ## LoRa System under Jamming Attack Four Jamming method: Proactive Jammer - (A)Constant Jammer:IrreGular signals - (B)Deceptive Jammer: Legitimate Packets (C)Random jammer - Power consumption consideration - Tradeoff between jamming effect and power saving (D)Reactive jammer - Only attck channals when activity is detected Chirp rate - SF - BW SINNR - TP ![](https://hackmd.io/_uploads/rkXET7dLn.jpg) ## Countermeasure ![](https://hackmd.io/_uploads/H1rU3muIn.png) 微波爐、藍芽、wifi都是2.4GHz的頻段，如果要自己玩Jammer Attack，可以拿這個頻段來試試，用其他頻率可能會被警察叔叔帶走![](https://hackmd.io/_uploads/rJsTa7_8h.png =100x) >圖片來源:Meme梗圖倉庫 ## Autonomous Vehicle 自駕車使用的連線方式不是Ethernet，而是使用傳統的CAN bus，因為要保證系統穩定性以及安全 ![](https://static.wixstatic.com/media/cb0e64_fb2d72c0d21749859b7f649ddba8116e~mv2.png/v1/fill/w_640,h_406,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/cb0e64_fb2d72c0d21749859b7f649ddba8116e~mv2.png) ## Frame Structure of a CAN Packet A single frame consists arbitration field control field and data field - Timestamp: - CAN ID: Idenifer in HEX - DLC: - Data: The value of the data in bytes Example of KIA by Clemson University,USA: ![](https://hackmd.io/_uploads/HkA4eVuI2.jpg) ## Denial of Service (DOS) Attack in CAN 利用偽造節點(需要先拿到CAN封包，了解ID)，再透過大量的訊息傳輸，讓目標系統癱瘓 ![](https://hackmd.io/_uploads/Bkl1MNOU2.jpg) ## Countermeasure The integration of software defined networking controller and machine learning(ML) ![](https://hackmd.io/_uploads/Hk6W-NdLh.jpg) ## Discussion Threats of Lot in terms of device level: - Signal based attack - Flow based attack How about other possible threates of other layers in IoT? - Application layer - HTTP/2, etc. - Internet/Network layer - Traffic redirection, etc. - Things/Device layer