Proposal without an assigned student

DEI - FCTUC
Generated on 2024-05-19 08:09:25 (Europe/Lisbon).

Internship Title

IoT Device Testbed for Automated and Semi-Automated Security Assessment

Internship Location

Full Remote

Background

In general, IoT devices control physical interfaces and acquire information from the external world, and that information needs to be constantly sent to a server, directly or through a gateway. This exposes IoT devices to malicious actions. At the same time, discussions in consortiums and government organizations are consolidating security requirements for IoT devices. As these requirements consolidate, it is becoming more necessary to align a product's security level with market goals and to provide ways to validate those requirements automatically.
Given this scenario, this work aims to implement a testbed for IoT devices, especially those categorized as consumer devices (cameras, smart locks, smart plugs, etc.), to serve as a platform for creating automated and semi-automated security test cases.

Objective

The main objective is to create a testbed for IoT devices (consumer category) to be used in security assessment. The most relevant standards and guidelines must be considered to define the security test cases that can be automated. This work will start from previous research at Keysight [1], which was built on top of open-source (Nmap, OpenTAP, Ettercap, etc.) and private (IoT Security Assessment [2]) tools. The objectives are listed below:
- Literature review to become familiar with the different IoT device architectures;
- Research relevant standards and guidelines for IoT devices;
- Test suite definition, taking into consideration the automated approaches;
- Definition of the targets (IoT devices) that will compose the testbed;
- Research relevant tools to execute the security tests;
- Testbed implementation;
- Security assessment execution;
- Results collection and documentation.

Work Plan - Semester 1

- Get familiar with the theme and previous research (4 weeks)
Expected Results: Literature review in order to be aware of IoT-directed attacks. As a starting point, the student will have access to the previous master's thesis work "Automated Cyber Security Testbed for IoT Devices", which can be extended in the current work.
- Standard and guidelines research (2 weeks)
Expected Results: An understanding of the security requirements applied to IoT devices. With this research, the student will be able to link those requirements with possible tools (next steps) that can be used for security assessment and are eligible to be part of the testbed.
- Identification of test cases that can be automated or semi-automated (3 weeks)
Expected Results: Elicitation of the test cases that will be part of the testbed. Each test case should describe which requirement is being tested and which test steps should be executed. In order to identify the applicable test cases, the student needs to acquire, in this task, a solid knowledge of techniques and methodologies for security evaluation (e.g., cyber kill chain, MITRE ATT&CK Framework, etc.).
- Definition of relevant targets to be part of the testbed; targets from previous work may be leveraged (3 weeks)
Expected Results: The student should propose the targets of the testbed. The student is free to propose their own architecture; it can be based on a single technology (e.g., focused on Bluetooth) or on a real scenario composed of different technologies (e.g., smart home).

Work Plan - Semester 2

- Elicitation of relevant tools to act in the IoT security assessment (3 weeks)
Expected Results: The student should demonstrate the knowledge acquired from the previous steps in order to elicit the tools that will be used. Open-source tools and Keysight proprietary tools (CyPerf, Threat Simulator, IoT Security Assessment, OpenTAP, etc.) can be mixed for that purpose and/or extended if needed. The student must also stay focused on automated or semi-automated test cases.
- Setup preparation (2 weeks)
Expected Results: The testbed should be implemented (hardware + software).
- Security assessment execution (8 weeks)
Expected Results: Execution of the test cases elicited in the previous steps.
- Documentation writing (3 weeks)
Expected Results: Master Thesis documentation, research, achieved results, etc.

Conditions

The intern will participate in a multidisciplinary research team. Keysight will provide the equipment needed for this proposal (i.e., laptop, IoT devices, etc.).

Remarks

References
[1] Keysight website (https://www.keysight.com/us/en/home.html)
[2] IoT Security Assessment (https://www.keysight.com/us/en/products/network-security/iot-security-assessment.html)

Supervisor

German Corrales Madueno
rafael.cavalcanti@keysight.com