Building a Low-Cost and State-of-the-Art IoT Security Hands-On Laboratory

The popularity of IoT has raised grave security and privacy concerns. The huge IoT botnets Mirai and Reaper were built on compromised IoT devices. In this paper, we propose to develop a low-cost platform with an industrial grade microcontroller (MCU) ESP32 equipped with a crypto co-processor ATECC608A and create teaching materials including labs and case studies for IoT security education. MCUs have broad applications in IoT. Sensor nodes in various smart systems such as smart home, smart health and smart grid can use MCUs to process commands and perform automatic control. We will develop effective, engaging and novel teaching materials on IoT hardware security, operating system/firmware/software security, network security, and data security with the low-cost IoT kit and IDE. The teaching materials will contribute to the Cybersecurity Workforce Development Initiative led by NICE and help respond to a dynamic and rapidly developing array of cyber threats including those resulting from IoT.

[1]  Zhen Ling,et al.  An End-to-End View of IoT Security and Privacy , 2017, GLOBECOM 2017 - 2017 IEEE Global Communications Conference.

[2]  Jean-Pierre Seifert,et al.  Key Extraction using Thermal Laser Stimulation: A Case Study on Xilinx Ultrascale FPGAs , 2018, IACR Cryptol. ePrint Arch..

[3]  Grant Hernandez,et al.  Smart Nest Thermostat A Smart Spy in Your Home , 2014 .

[4]  Domenic Forte,et al.  Power-based Side-Channel Instruction-level Disassembler , 2018, 2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC).

[5]  Yi Zhou,et al.  Understanding the Mirai Botnet , 2017, USENIX Security Symposium.

[6]  Johannes Obermaier,et al.  Analyzing the Security and Privacy of Cloud-based Video Surveillance Systems , 2016, IoTPTS@AsiaCCS.

[7]  Jesús María Molina Terriza,et al.  LEARN HOW TO CONTROL EVERY ROOM AT A LUXURY HOTEL REMOTELY: THE DANGERS OF INSECURE HOME AUTOMATION DEPLOYMENT , 2014 .

[8]  Chao Gao,et al.  Security Vulnerabilities of Internet of Things: A Case Study of the Smart Plug System , 2017, IEEE Internet of Things Journal.

[9]  Jean-Pierre Seifert,et al.  No Place to Hide: Contactless Probing of Secret Data on FPGAs , 2016, CHES.

[10]  William T. Polk A Report to the President on Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats , 2018 .

[11]  Yue Zhang,et al.  On the Security and Data Integrity of Low-Cost Sensor Networks for Air Quality Monitoring , 2018, Sensors.

[12]  Raja Nassar,et al.  Focused ion beam milling: Depth control for three-dimensional microfabrication , 1997 .

[13]  Caro C Williams-Pierce,et al.  Five Key Ingredients for Improving Student Motivation , 2011 .