CrySyS Lab researchers developed a new anti-virus solution running on resource constrained embedded IoT devices.
Embedded devices connected to the Internet are threatened by malware, but no anti-virus product is available for them. Anti-virus products developed for traditional IT systems have higher resource needs than that offered by embedded IoT devices. The required amount of free storage space and memory to run these products is often measured in gigabytes, which exceeds the capacity of typical IoT devices, such as WiFi routers, IP cameras, smart house hold appliances, wearable devices, etc. In addition, many existing anti-virus products do not even support the operating systems (typically some embedded Linux or some more exotic OS) used on IoT devices. Therefore, they could not be installed, even if a particular IoT device met their system requirements.
Continue reading SIMBIoTA: Similarity-Based Malware Detection for the Internet of Things
Buttyán Levente, BME
Ferenc Rudolf és Nagy Gábor Péter, SZTE
Huszti Andrea, DE
Az Internet ma már több beágyazott eszközt köt össze, mint hagyományos PC-t és szervert. A beágyazott eszközökkel kiterjesztett Internetet nevezzük Internet-of-Things-nek, vagy röviden IoT-nek. Az IoT számos alkalmazási területen biztosíthatja az új megoldások és a dinamikus fejlődés lehetőségét. IoT technológiákat használva otthonainkat okos otthonokká, városainkat okos városokká, gyárainkat okos gyárakká, és közlekedési rendszereinket intelligens közlekedési rendszerekké alakíthatjuk. Mindez azonban alakulhat máshogyan is, ha nem gondoskodunk arról, hogy az a technológia, amire a jövőnket építjük, kellően biztonságos és megbízható legyen. „Okos” otthonaink személyes szokásaink és adataink kiszivárogtatójává, „okos” városaink és „intelligens” közlekedési rendszereink masszív megfigyelési platformmá válhatnak.
Continue reading Félidőnél tart a SETIT projekt
This blog post was written by Márton Horváth who worked on implementing a monitor for Certificate Transparency logs in the context of his student semester project. As a proof-of-concept, he used the monitor he created to collect information about logged certificates issued in Hungary or issued to Hungarian web sites. This blog post contains the main findings of the analysis of those certificates. Continue reading Certificate Transparency – the current landscape in Hungary
This blog post, written by István Telek, is the last post in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. This last post describes how we implemented a very basic integrity monitoring function as a trusted application running in OP-TEE. Continue reading Linux integrity monitoring on the Raspberry Pi
This blog post, written by Márton Juhász, is the fifth in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. This post specifically will explain how to convert the Raspberry Pi into a WiFi access point such that it can perform some gateway-like functionality. First, we describe how to enable WiFi and then how to enable other software components to make the Pi an access point. Continue reading Enabling WiFi and converting the Raspberry Pi into a WiFi AP
This blog post, written by Márton Juhász, is the fourth in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. Previous posts discussed building a custom Linux system with Buildroot, installing OP-TEE, and verified boot on the Raspberry Pi. This post will describe some OS hardening options you can use to reduce the attacks surface. Continue reading OS hardening on the Raspberry Pi
This blog post, written by István Telek, is the third post in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. It describes how you can implement a verified boot process on the Raspberry pi. Continue reading Verified boot on the Raspberry Pi
This blog post, written by Szilárd Dömötör, is the second post in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. The first post explained how to build and install the default OP-TEE implementation for the Raspberry Pi 3. This one describes how you can build your own custom Linux system (with OP-TEE) using the Buildroot environment. Continue reading Using Buildroot to create custom Linux system images
This blog post, written by Márton Juhász, is the first in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform.
This blog post explains how to build and install the default OP-TEE implementation for the Raspberry Pi 3. The easiest way is to follow the steps described in the corresponding git repo of OP-TEE. However, for the sake of completeness (and because some steps may actually be a bit confusing in the original description), we provide a comprehensive description here. Continue reading OP-TEE default build and installation on the Raspberry Pi
The Internet has grown beyond a network of laptops, PCs, and large servers: it also connects millions of small embedded devices. This new trend is called the Internet of Things, or IoT in short, and it enables many new and exciting applications. At the same time, IoT also comes with a number of risks related to information security. The lack of security, however, cannot be tolerated in certain applications of IoT, including connected vehicles and smart factories. In those applications, security failures may lead to substantial physical damage or monetary loss. Therefore, one of the biggest challenges today, which hinders the application of IoT technologies in certain application areas, is the lack of security guarantees. Continue reading Enhancing the Security of the Internet of Things