#RSAC
Eng.MohamedSohail Dr.SaidTabet
WirelessSensors’PowerConsumptionandIoTSecurity
DataProtectionandAvailabilityExpert TechnologyLead,IoTStrategyDell-EMC Dell-EMC@Mohamed_Sohail
SESSIONID:MBS-R02
#RSAC
Overview
2
IoT is growing FAST… IT meets OT
DataIntegrityverificationandvalidationis
veryimportant
#RSAC
3
IoTmonitoringarchitecture
Secureenvironment
Datacreationfromsensornodes
Filter,streamanalytics,comparingpowerprofileswithactualdatagenerated
Sendandreceive Transform,analyze,processworkflow,monitor
Threatdetection
Datavisualization&monitoring
DataCenterThings
Gateways
RemoteEdgeSite Human/MachineInteractionCommunications
Transport
\
TransportCloud
HybridCloud
SystemsofrecordSystemsoftransactionMaintenancehistory
Dataflow
Historical,streamingandsimulationanalysis
#RSAC
IoTSecurity&Challenges
ü IoTsecurityisstill“greenfield”ü SecurityisthefastedgrowingpriorityforIoT93%by2019ü WorldwideIoTSecuritySpendingtoReach$547Millionin2018ü By2020,Morethan25%ofIdentifiedAttacksinEnterprises
WillInvolveIoTSpendingforIoTsecurity(MM)
#RSAC
IoTdevicescommunicationsaregrowinginsizeandspeed.Shoulditbeasourceofconcern?
5
ChallengesinIoT
NoPowerBaselineforAnalytics
NonUpgradeableDevices
Smallformfactordevices
#RSAC
IoTSecurityChallengesCont.
IoTSecurity,previouslyignored,hasnowbecomeanissueofhighconcern.2020
5BillionConnectedPeople
20- 50Billion
Connected“Things”
120MillionCarsOnline$1.46
TrillionMarket
Data:44Zettabytes
IoTsecuritysurfaceAttack
#RSAC
Gateways
High-levelIoTSecurityThreat/Challenges
7DeviceBehaviorAnalytics NetworkVisibility,Analysis,Action(SA)
Sensors,Devices&Equipment
SecureOnboarding&DeviceMonitoring
EndpointMonitoring&ThreatDetection Platform/NetworkVisibility,Analysis,Action
SecureResourceAccess
)
)))
))
)
)))
))
)
)))
))
)
)))
))
)
) )) ))
EnterpriseDataCenter
DeviceManagement GatewayManagement CommunicationManagement Platform/NetworkManagement
Identity&AccessManagement
UnauthorizedAccess,DataExposure&
Provenance
DataExposure,DataIntegrity&Provenance
Fakesensor
IdentityandAccessManagement
Malware&APTs
DataExposure&Integrity
UnauthorizedAccess,DataExposure
SecureDeviceAccess
Malware&APTs
DataExposure&Integrity
#RSAC
8
PowerConsumptioninIoTEcosystem
qWiththewirelessnatureof
theconnectededgedevices
powerconsumptiononeof
thekeyresearchtopics.
qWebelieveinastrong
correlationbetweenpower
consumptionandsecurity
threats.
#RSAC
SolutionApproach
9
q Proactive monitoring of
power usage at the
edge
q Use of AI techniques to
detect abnormal
behavior and react to it
Powerconsumed
Powerconsumed
Streaminganalysis
Yes ExcessivepowerconsumptionYes
SecurityBreach//Denial-of-
ServiceAttack/Spoofing...etcAlerttoAdministrator/
otherstackholders
Blockthesensor
Extrasecurityandcompliancecheck
Abnoormal
behavior
Normalbehavior
StoreData
No
Historicalanalysis“Brownenvironment”
Resultsfromhistoricalanalysis
#RSAC
SensorBehaviorAlgorithm
10
NormalBehavior
SuspectedBehavior
SamePowerConsumed
ExcessivePowerConsumed
NoAnalysisNeededAlerttoAdmin/MarksensorforsecurityAnalysis
PassData AnalysisPerformed
BlockSensorextrasecuritychecktobe
performed
Normalbehavior
#RSAC
PowerBehavioralProfiling
Powerbehavioralprofiling
Datacollectionfromthesensors
BigdataanddeeplearningAlgorithms
BlockData
PassData
End
#RSAC
12
Trustscoringandauthenticationlevelingbasedonpowerconsumption
SecurityGuard(SW)AuthenticatedSensornode
AuthenticatedFlagged
Sensornode
NewSensornode
Regularauthentication
TrustScore
PowerconsumptionbehaviorprofileEngine
TrustScore
TrustScore
Sensorprofiles
Trustscores
#RSAC
PowerprofilingwithACPIintegrationSystem
13
OSKernel
Powercontrolthread
PowerDataLog
PowerAnalyzer
SystemstatusLog
Systemstatusprofiler
SecurityGardSW
MessageClient
Messagelistener
Security Guard- Automatesprofiling.- Correlatesresults.- Applymachine
learning.
ACPImodule ACPImodule ACPImoduleACPImodule
#RSAC
HowtoApplythis
ü NextgenerationDataCenters(DC)willbefullyconnectedandservemostlyIoT-relatedactivities.PowerconsumptioninformationneedstobeincludedintheDCvulnerabilityassessmentandriskmitigation
ü TheimplementationofthissolutioncanbeintegratedintoedgemanagementtoolssuchasVMwareEnterprisemobilitymanagementproductsuite
ü Thisapproachisdesignedforthe‘higherorders’ofIoTwhereprocessorscanbeinstrumentedtogatherthenecessarytelemetrydata.
ü LeverageIOTGatewayssuchasDellGWsfordeployments
ü WiththeuseofMachineLearningandDeepLearning,thissolutionmayalsobeimplementedatthecore/DClevelorasaserviceintheCloud
#RSAC
Relatedlinks
https://www.linkedin.com/company/dell-oem-solutions/comments?topic=6237395788276776960&type=U&scope=6654266&stype=C&a=yPV8
https://www.linkedin.com/company/dell-internet-of-things/comments?topic=6237395788029313025&type=U&scope=10149209&stype=C&a=FhHZ
https://twitter.com/DellOEM/status/831630102312140803
#RSAC
MoreResources
v PerformanceImprovementandPowerConsumptionReductionofanEmbeddedRISCCore
Author: JungHongkyun,JinXianzhe,RyooKwangki
v Wirelesssensornetworkforaircrafthealthmonitoring
HaoweiBai;M.Atiquzzaman;D.Lilja
FirstInternationalConferenceonBroadbandNetworks
v https://www.helpnetsecurity.com/2015/04/16/internet-of-everything-attack-surface-grows/
v http://www.gartner.com/newsroom/id/3291817