Building Hardened Internet-of-Things Clients with Language-Theoretic Security
Offered By: IEEE via YouTube
Course Description
Overview
Explore a 20-minute IEEE conference talk on enhancing Internet-of-Things (IoT) client security through Language-theoretic Security (LangSec). Delve into a methodology for building secure input-handling functionality in application-layer IoT protocols, focusing on XMPP and MQTT implementations. Learn about the creation of efficient clients with less than 100 lines of code that accurately recognize valid messages. Compare CPU performance against widely deployed protocol implementations and examine the approach's limitations. Gain insights into the importance of principled input handling in addressing prevalent vulnerabilities in the IoT era.
Syllabus
Introduction
Outline
Problem
Language
Protocols
MQTT
MQTT Protocol
MQTT State Machine
XMPP
XMPP Messages
Contributions
Passing in the IoT
Approach
Methodology
State Machine Gem
Writing Individual Passes
Limitations
Results
Performance
MQTT Performance
Simple Phaser
Parse Tree
Fuzzing Limitations
Lessons Learned
Next Steps
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
AWS IoT: Developing and Deploying an Internet of ThingsAmazon Web Services via edX A Subjective Introduction to the IoT
ITMO University via edX IoT Networking and Fog Layer Devices
ITMO University via edX Introducción al Internet de las cosas (IoT) y sus aplicaciones
Universidad del Rosario via edX Intel® Edge AI for IoT Developers
Intel via Udacity