Exfiltrating Data Through IoT
Offered By: RSA Conference via YouTube
Course Description
Overview
Explore the world of IoT data exfiltration in this 47-minute RSA Conference talk. Delve into various IoT protocols and frequencies, including SSDP, P25, Zigbee, Z-Wave, and WiFi, to understand their potential for data exfiltration and network infiltration. Learn through real-world examples, sample code, and demonstrations how these IoT communications can be exploited. Gain insights into detecting aberrant behavior from IoT devices and discover techniques to protect your network. Examine specific exfiltration methods, including Smart Watch and Windows Virtual WiFi exploits, as well as the exploitation of SSDP-ULA OPT Field. Participate in a hands-on case study and demo, featuring a Python script for data exfiltration using SSDP. Conclude with essential considerations for IoT device security and a comprehensive prescription for improved non-exfiltration hygiene.
Syllabus
Intro
Speaker Introduction
Exfiltration Methods
Smart Watch Exfiltration
Windows Virtual WiFi (7, 8, & 10)
Wireless Rogues on Network - Virtual WiFi
lot Protocol Exfiltration
Exploitation of SSDP-ULA OPT Field
UDP - Exploitation of SSDP
lot Device Critical Considerations
Exfiltration Case Study and Demo
Python Script to Exfiltrate Data using SSDP
Prescription for better non-Exfil Hygiene
Taught by
RSA Conference
Related Courses
A developer's guide to the Internet of Things (IoT)IBM via Coursera Enterprise and Infrastructure Security
New York University (NYU) via Coursera Getting Started with the Internet of Things (IoT)
Microsoft via edX AWS IoT: Developing and Deploying an Internet of Things
Amazon Web Services via edX Components And Applications Of Internet Of Things
Indian Institute of Technology Patna via Swayam