IoT Security

Mon, 21 September 2020, 9:00 AM - Fri, 25 September 2020, 5:00 PM [AEST]

Unit 2, 9 Beaconsfield Street, Fyshwick, ACT, 2906, Australia

Register Now

1. Select Seats

2. Review and Proceed

REGISTRATION

Student PARTIAL APPROVAL - $4,000.00

Registration closes on 25/09/2020

Enter your discount code

  • Subtotal (excluding fees and discounts)
  • Fee
  • Total amount
  • ( Inclusive of GST )

Mon, 21 September 2020, 9:00 AM - Fri, 25 September 2020, 5:00 PM [AEST]

InfoSect, Unit 2, 9 Beaconsfield Street, Fyshwick, ACT, 2906, Australia.

In this 5-day course, students will learn the basics of introductory hardware hacking and interfacing with IoT devices to gain console access, dump firmware, and debug IoT devices. Additionally, they will learn the techniques for performing vulnerability research by firmware analysis using emulation, fuzzing, decompilation, static analysis, and code review. For many of the physical interfacing labs, the BUSSide hardware hacking tool, created by the trainer, will be used for interfacing. Students will learn practical skills, tool usage, vulnerability research techniques, and some underlying theory.

Day 1 (Electronics and Interfacing)

Lectures

·         Introduction to Practical Electronics
·         Introduction to Hardware Hacking
·         UART
·         Interfacing with SPI

Labs

·         Soldering and Assembly of an Electronics Kit
·         Building the BUSSide
·         Interfacing with UART
·         Interfacing with SPI
·         Interfacing with SPI – Chip Off Techniques

Day 2 (Embedded Development)

Lectures

·         Introduction to Embedded Development
·         Software UART on the NodeMCU
·         PWM and DACs
·         SPI

Labs

·         Embedded Development with the Arduino IDE
·         Defeating an IR Controlled Alarm with Arduino
·         Interfacing with UART Using the NodeMCU
·         PWM and DACs
·         SPI

Day 3 (Interfacintg with IoT)

Lectures

·         Electronics Prototyping
·         I2C
·         JTAG

Labs

·         SPI Fuzzing
·         Desoldering and Dumping NAND Flash
·         Interfacing with I2C
·         I2C
·         JTAG Debugging

Day 4 (Firmware)

Lectures and Labs

·         Firmware Filesystem Extraction
·         Emulating Executables using QEMU
·         Whole System Firmware Emulation
·         Running Kali on an IoT Device
·         Binary Fuzzing with AFL

Day 5 (Vulnerability Research)

Lectures and Labs

·         Source Code Fuzzing with AFL
·         In-memory Source Code Fuzzing with Clang
·         Static Analysis with Coccinelle
·         Decompilation with Ghidra

InfoSect

Dr Silvio Cesare is the Managing Director at InfoSect. He has worked in technical roles and been involved in computer security for over 20 years. This period includes time in Silicon Valley in the USA, France, and Australia. He has worked commercially in both defensive and offensive roles within engineering. He has reported hundreds of software bugs and vulnerabilities in Operating Systems kernels. He was previously the Director for Education and Training at UNSW Canberra Cyber, ensuring quality content and delivery. In his early career, he was the scanner architect and a C developer at Qualys. He is also the co-founder of BSides Canberra - Australia’s largest cyber security conference. He has a Ph.D. from Deakin University and has published within industry and academia, is a 4-time Black Hat speaker, gone through academic research commercialisation, and authored a book (Software Similarity and Classification, published by Springer).

Contact the Organizer