Attend onlinevia livestream
Date22-23 November 2021
Time09:00 to 17:00 GST/GMT+4
Today's Internet of Things (IoT) market is developing rapidly, and presents the security community with a difficult challenge. How do you monitor or limit the dangers that IoT devices can bring to the workplace (and at home), while recognizing the explosion in the market of products to include: kitchen gadgets, watches, web cameras, smart televisions, smart speakers (Alexa, Google Home), Wi-Fi routers, to all forms of consumer and hospital-grade medical devices/equipment, from the “connected car,” and onto Smart Cities and Smart Factories (Industry 4.0).
Basically, if it has an on/off switch, either a consumer or the business wants to give it an IP address, and connect it with other devices or the Internet for monitoring, advertising or the promise of “ easier management.” IoT devices have become an indispensable part of people's lives, but its threat to your personal/business data, and privacy will continue to grow.
The reality is that IoT devices are here to stay, and their threat will only grow as the line between working from home or at the office continues to blend together. In addition, the threat IoT devices bring to systems that cannot be traditionally monitored, lateral movement after an attack, and the dangers that ransomware also brings to a business means that gaining control of the threat of IoT is something that cannot be ignored.
This course will explain the concept and architecture of IoT devices, and then jump into legit “in the wild” / real hacking techniques and analysis used against real targets. We will also review the real world exploit, as a framework for how these security issues start through development, so that students can get a glimpse of the world of IoT security.
There are a lot of hands- on Lab exercises in this course, which is very suitable for students who want to be taught by hand, and will foster learning from within the course and hands-on instruction, as well as working at home or in your home lab.
Trainees should have a working knowledge of TCP/IP and a basic knowledge of the Windows and Linux command lines.
As the world of IoT, Enterprise IT security (IT) and Operational Technology (OT) / Critical infrastructure blend together, the trends and threats that IoT brings are here to stay. This is not meant to instill fear or doubt, but about looking at the reality of how security events are happening, beyond the scope of phishing attacks and end-users accidentally clicking on “bad links.”
IoT security knowledge and implementation technology is the trend of the Internet of Everything era. In this course, you can explore various IoT Security-related technologies from the shallower to the deeper, and after this course, the students will be better prepared to not only understand the primary risks around IoT, but also have a starter framework and hands-on ability to put what they’ve learned into practice at both their home and job.
• What is IoT?
• Exploring OWASP IoT Top 10
• Introduce Attack Vector of IoT devices
• Experience and Analyze MQTT protocol (Lab)
• Tool Introduction
• Basic ARM Exploitation
• Exploit Mitigation Techniques
• Bypass Mitigation
• Firmware Analysis Process Overview
• Common Firmware Analysis (Static and Dynamic)
• Encrypted Firmware Analysis (Static and Dynamic)
• Fix Hardware Dependency
• Analyze and Compile IoT Malware
• Build IoT Botnet
• Attack Vectors Analysis on Car
• Build Car Simulation
• Cat Attack Exercise
• Hardware Penetration Testing Overview
• Exploit Hardware Debug Ports
• Radio Frequency Penetration Testing Overview
Mars Cheng (@marscheng_) is a threat researcher for TXOne Networks, blending a background and experience in both ICS/SCADA and enterprise cybersecurity systems. He has directly contributed to more than 10 CVE-IDs, and has had work published in three Science Citation Index (SCI) applied cryptography journals.
Before joining TXOne, he was a security engineer at the Taiwan National Center for Cyber Security Technology (NCCST). He is a frequent speaker and trainer at several international cyber security conferences such as Black Hat Europe, DEFCON, SecTor, FIRST, HITB, ICS Cyber Security Conference Asia and USA, HITCON, SINCON, VXCON, CYBERSEC, CLOUDSEC and InfoSec Taiwan as well as other conferences and seminars related to the topics of ICS and IoT security.
In addition, he also conducted many cyber security training classes at the Hacks in Taiwan (HITCON) Training 2020 and 2019, Ministry of Education (Information Security Incubation Program, ISIP), Ministry of National Defense in Taiwan and listed companies. Mars is general coordinator of HITCON 2021 and was vice general coordinator of HITCON 2020.
This class is run a little different from most classes. We provide you purpose-built recorded lectures instead of trapping you in realtime with live-lectures. But fear not, the instructor is always right there eagerly waiting to mingle with the students and answer any questions you have. (The instructor really likes being asked questions. It shows you're paying attention ;)). One of many benefits is that you can watch lectures at 2x speed and zoom ahead of the other students and get to the hands on labs quicker. Or if there's bits of material you already know, you can just skip them and move on to the bits you don't know! Another big benefit is that you get to take the full lectures and labs with you! That means if you forget stuff and then need it in 6 months, you can quickly re-bootstrap yourself! Or you can watch the class twice, to really grow those neural connections and cement it in your brain! And unlike live lectures, our lectures are always getting more factually accurate, by having any accidental errors edited out.
This class is designed to give you all the background you need to understand how x86-64 reset vector firmware works, and what the most common security misconfigurations are. It will prepare you to be able to read and understand the existing attack and defense research in the space, taking an explicit walk through of the attack and defense moves and counter-moves threat tree. And as always, this classes teaches you to be comfortable with Reading The Fun Manual (RTFM!) to go seek out the most accurate details of how things work, and to see out new problems in new areas that no one's read yet with a security mindset.You can also opt to attend this class on 23 & 24 Nov instead. To do so, just email email@example.com
This class teaches you about the fundamental hardware mechanisms which all operating systems, virtualization systems, and firmware *must* interact with in order to run successfully on x86 hardware. This is taught in a *mostly* OS-agnostic way focusing on Intel-isms rather than OS-isms (albeit with using Windows as reinforcement, thanks to its excellent kernel-level debugging support.) This class also teaches you to be comfortable with Reading The Fun Manual (RTFM!) to give you self-sufficiency when seeking out the most accurate details of how things work.You can also opt to attend this class on 23 & 24 Nov instead. To do so, just email firstname.lastname@example.org
This class teaches you how to disassemble binaries, read x86-64 assembly language, and debug black-box binaries in WinDbg and GDB. This knowledge of assembly is the fundamental skill which is required to learn reverse engineering and vulnerability exploitation. Reverse engineering is in turn a fundamental skill which is required for malware analysis and vulnerability hunting.
You can also opt to attend this class on 23 & 24 Nov instead. To do so, just email email@example.com