Tag: talk

Public Talk: Security for ‘Internet of Things’: Physical Attacks and Countermeasures

Abstract:
mobilelockchain+cutters

As our culture begins buying more and more Internet enabled devices for our person, in our cars, homes and office systems; we are  wading deeper and deeper into the vulnerable, untested waters of “Internet of Things” (IoT) security.  We are now seeing in the news that the safety of our embedded devices are at higher and higher risk of being “hacked”, and little is being with regards to IoT device security until after such systems are hacked and in the news.In this talk, we will cover several types of Physical Attacks that IoT hardware designers and users should all know about.

nest-p0wn3dIn this talk, we will cover several types of Physical Attacks that IoT hardware designers should know about. Physical attacks are a type of cryptanalysis, or the analysis of information systems in order to discover the hidden aspects of devices and systems using their implementation properties. Fault Injection is the force used to change the physical behavior of the running device to discover additional security information or ways into the system. Physical attack
and fault injection research is critical because it is a preferred low cost attack method used by both black hats to discover new IoT/hardware/software attack vectors, as well as by white hats to help discover and address these vulnerabilities early in the design cycle before the get to market.
The more physical attack research that is done on IoT devices, the safer we all will be.

Speaker Bio:
Nahid-photo
Nahid Farhady Ghalaty is a fourth year PhD. candidate at the Bradley department of Electrical and Computer Engineering, Virginia Tech. Her research is mainly focused on physical cryptanalysis, secure embedded systems, new directions in hardware security, specifically fault attacks and side channel attacks and countermeasures. She received her BS degree in software engineering from Shahid Chamran University of Ahvaz, and her MS degree in computer architecture from Sharif University of Technology. Her MS research was on reliability and fault tolerant embedded system designs. She has been the recepient of the best paper in session award at SRC TECHcon 2015. She has been also the recipient of the best poster and presentation award in the Center for Embedded Systems for Critical Applications (CESCA) at 2014 and 2015. She is the author of several papers in international conferences including DATE, FDTC, HOST, COSADE, etc. She has also served as a reviewer to several conferences and journals including FDTC, DAC, CHES and DATE.

 

 

 

 

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Giving a talk? Come prepared, technically & mentally.

The affable Cory House recently posted a blog article about the technical issues he had delivering the keynote at last year’s CodeStock conference.  I was at that keynote and remember the poise and calm he exhibited while dealing with multiple technical issues that were out of his control.  Despite the projector going out multiple times, he stayed on topic and continued the talk through the long reboots.  Reading his blog post I realized something: Your deck should help your talk, but it should not *be* your talk.  Cory understood this and was able to forge ahead despite not having a deck for a good quarter of his talk.
If your talk is on a technical subject then I can understand that you have a relatively high reliance on your laptop and projector. (Most of my talks are code related.)  However if you’re waiting for a laptop to reboot, you should still be able to speak to the subject for a few minutes and not leave the audience looking at their phones.  If your talk is more abstract, e.g. dev culture, like Cory’s was, then you should be able to deliver most of your talk without the deck.  Believe it or not, people did this all the time before PowerPoint was invented, and I don’t recall seeing many PowerPoint presentations in the last thousand Ted talks I’ve viewed on YouTube.  For my two most recent talks, my deck had almost no text at all.  My talk on cloud computing I delivered to the local IEEE was just pictures and screen caps, and once I started talking I even stopped using the deck and ended up skipping the last 10 slides.  The deck for my Enigma talk had little text, however was still very critical to the flow of the talk: it showed helpful diagrams on how the Enigma and Bombe work, and contained a lot of notes I needed to keep the talk on track.  But, if necessary, I could have delivered the talk with just a white board.  It’s important to understand your subject material in a way that you can explain it to the audience without notes, or just to someone you’re having drinks with.  If you’re at a conference and your badge has that “speaker” ribbon across the bottom, people will constantly ask you what you’re speaking on.  If you’re enthusiastic about the subject, that enthusiasm will infect the audience and they will leave the event both encouraged and impressed.

But despite my assertions above, having your technical ducks in a row is your responsibility as a speaker.  Here’s some suggestions in addition to Cory’s:

  • Bring an adapter.  Last year at CodeStock, I did a lightening talk on password hashing.  The projector in the small room only had a VGA cable attached to it, which most modern laptops don’t have anymore.  Luckily the audience was only 4 people, so I was able to give the presentation directly off my laptop.
  • Bring a long cable.  I always bring a long HDMI cable. The twenty-five feet HDMI cable from Amazon is only $15.
  • Have your deck, and any other files you need, on a USB drive.  If your computer dies (or is stolen), there’s usually a plethora of other laptops you can grab to do a presentation, but that only works if you have the deck. Don’t rely on cloud accounts to retrieve a deck.
  • Try not to rely on Internet access at all if possible. In this age of SaaS I know that’s not always possible, but I’ve seen many talks go off the rails because of a lack of reliable Internet access.
  • Don’t ever rely on the venue’s Internet connection.  If your talk absolutely requires Internet, you should count on using a cellular hot spot.  I attended at least two talks last year where the talk was saved by a generous audience member volunteering their cellular hot spot to the speaker.  Two years ago at the Dev-Link conference the Internet became highly unreliable for several hours because a single user was sucking up 50 Mbps with a torrent.  Counting on a good Internet connection for your presentation without a contingency plan is probably the biggest and most common risk taken by presenters.
  • Lastly, don’t forget the power supply to your laptop. I’ve done this before. You can usually find someone with a similar laptop that can loan you a power supply.  Another solution is to go to the hotel desk and tell them you left a laptop power supply in the room on your last trip.  Most hotels that cater to business travelers have huge bins full of cell phone and laptop power supplies that were left in rooms over the years.  They will usually be happy to get rid of one or two.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

© 2018 Racksburg

Theme by Anders NorenUp ↑