Posted on Leave a comment

SIMBIoTA: Similarity-Based Malware Detection for the Internet of Things

CrySyS Lab researchers developed a new anti-virus solution running on resource constrained embedded IoT devices.

Embedded devices connected to the Internet are threatened by malware, but no anti-virus product is available for them. Anti-virus products developed for traditional IT systems have higher resource needs than that offered by embedded IoT devices. The required amount of free storage space and memory to run these products is often measured in gigabytes, which exceeds the capacity of typical IoT devices, such as WiFi routers, IP cameras, smart house hold appliances, wearable devices, etc. In addition, many existing anti-virus products do not even support the operating systems (typically some embedded Linux or some more exotic OS) used on IoT devices. Therefore, they could not be installed, even if a particular IoT device met their system requirements.

Continue reading SIMBIoTA: Similarity-Based Malware Detection for the Internet of Things
Posted on Leave a comment

Félidőnél tart a SETIT projekt

Buttyán Levente, BME
Ferenc Rudolf és Nagy Gábor Péter, SZTE
Huszti Andrea, DE

Az Internet ma már több beágyazott eszközt köt össze, mint hagyományos PC-t és szervert. A beágyazott eszközökkel kiterjesztett Internetet nevezzük Internet-of-Things-nek, vagy röviden IoT-nek. Az IoT számos alkalmazási területen biztosíthatja az új megoldások és a dinamikus fejlődés lehetőségét. IoT technológiákat használva otthonainkat okos otthonokká, városainkat okos városokká, gyárainkat okos gyárakká, és közlekedési rendszereinket intelligens közlekedési rendszerekké alakíthatjuk. Mindez azonban alakulhat máshogyan is, ha nem gondoskodunk arról, hogy az a technológia, amire a jövőnket építjük, kellően biztonságos és megbízható legyen. „Okos” otthonaink személyes szokásaink és adataink kiszivárogtatójává, „okos” városaink és „intelligens” közlekedési rendszereink masszív megfigyelési platformmá válhatnak.

Continue reading Félidőnél tart a SETIT projekt
Posted on Leave a comment

Certificate Transparency – the current landscape in Hungary

This blog post was written by Márton Horváth who worked on implementing a monitor for Certificate Transparency logs in the context of his student semester project. As a proof-of-concept, he used the monitor he created to collect information about logged certificates issued in Hungary or issued to Hungarian web sites. This blog post contains the main findings of the analysis of those certificates. Continue reading Certificate Transparency – the current landscape in Hungary

Posted on 3 Comments

Enabling WiFi and converting the Raspberry Pi into a WiFi AP

This blog post, written by Márton Juhász, is the fifth in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. This post specifically will explain how to convert the Raspberry Pi into a WiFi access point such that it can perform some gateway-like functionality. First, we describe how to enable WiFi and then how to enable other software components to make the Pi an access point. Continue reading Enabling WiFi and converting the Raspberry Pi into a WiFi AP

Posted on Leave a comment

OS hardening on the Raspberry Pi

This blog post, written by Márton Juhász, is the fourth in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. Previous posts discussed building a custom Linux system with Buildroot, installing OP-TEE, and verified boot on the Raspberry Pi. This post will describe some OS hardening options you can use to reduce the attacks surface. Continue reading OS hardening on the Raspberry Pi

Posted on 2 Comments

Using Buildroot to create custom Linux system images

This blog post, written by Szilárd Dömötör, is the second post in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. The first post explained how to build and install the default OP-TEE implementation for the Raspberry Pi 3. This one describes how you can build your own custom Linux system (with OP-TEE) using the Buildroot environment. Continue reading Using Buildroot to create custom Linux system images

Posted on Leave a comment

OP-TEE default build and installation on the Raspberry Pi

This blog post, written by Márton Juhász, is the first in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform.

This blog post explains how to build and install the default OP-TEE implementation for the Raspberry Pi 3. The easiest way is to follow the steps described in the corresponding git repo of OP-TEE. However, for the sake of completeness (and because some steps may actually be a bit confusing in the original description), we provide a comprehensive description here. Continue reading OP-TEE default build and installation on the Raspberry Pi

Posted on 1 Comment

Enhancing the Security of the Internet of Things

The Internet has grown beyond a network of laptops, PCs, and large servers: it also connects millions of small embedded devices. This new trend is called the Internet of Things, or IoT in short, and it enables many new and exciting applications. At the same time, IoT also comes with a number of risks related to information security. The lack of security, however, cannot be tolerated in certain applications of IoT, including connected vehicles and smart factories. In those applications, security failures may lead to substantial physical damage or monetary loss. Therefore, one of the biggest challenges today, which hinders the application of IoT technologies in certain application areas, is the lack of security guarantees. Continue reading Enhancing the Security of the Internet of Things