SSI

Credits: 5EC

Prerequisites: Network Security (ET4397IN) or Internet Security (192654000); good understanding of network systems

Delivery: This course is not tele-lectured.

Motivation: The “Internet of Things” (IoT) is expected to connect trillions of everyday objects to the Internet, such as cars, traffic lights, door locks, and light bulbs. While the IoT promises us to save time and effort in our daily lives, it also poses a large-scale security threat because many IoT devices are insecure. Adversaries for instance exploit these vulnerabilities to launch massive DDoS  attacks, such as the 1 Tbps+ DDoS attacks on GitHub and DNS provider Dyn, of which the latter led to large-scale outages of popular services such as Spotify and Twitter. Insecure devices also jeopardize the privacy and safety of users, for instance because they enable adversaries to capture the video feed of online baby monitors or stealthily open doors and windows.

Security Services for the IoT (SSI) is a course on IoT security, with a particular focus on home networks, which are typically the least secure.

Synopsis: SSI provides you with an overview of current IoT security challenges and technical solutions to address them, for instance using profiles that describe the behavior of IoT devices, measurement systems, and security systems for home networks that automatically block outgoing DDoS traffic. SSI will test your ability to understand, apply, and modify a few of these solutions. SSI aims to provide you with 20% broad expertise and 80% deep technical expertise.

The study material for SSI consists of (1) scientific papers and IETF RFCs and (2) a hands-on lab assignment to measure the behavior of IoT devices and describe it through a device profile.

Learning outcomes:  After successful completion of SSI you will:

• Understand IoT concepts and applications, security threats, technical solutions, and a few relevant standardization efforts in the IETF
• Be able to analyze network traffic of IoT devices and create device profiles that describe this behavior.
• Understand the operational business of DNS operators and the impact the IoT may have on them (industry perspective).

SSI also contributes to your skills to independently carry out research projects and to develop services and systems.

Lecturers: Dr Cristian Hesselman (UT and SIDN Labs) and Dr Elmer Lastdrager (SIDN Labs)

Examination: 100% based on assignments.

Contents:

• Overview of IoT concepts and applications
• IoT security threats
• Device description languages
• IoT and threat measurement systems
• Mitigation functions
• IoT standardization in the IETF

Core text: Various papers from the literature.

Interaction: SSI is a highly interactive course in which students for instance report on papers they have studied and engage in technical discussions with their peers. The number of students is therefore limited to 35 and they will need to attend all lectures in person at the University of Twente (remote participation will not be available). A few seats will be available for students from Delft University of Technology.

Organisation: SSI is a collaboration between the University of Twente and SIDN Labs (www.sidnlabs.nl), the research department of the domain name registry for the Netherlands’ top-level domain, .nl. SIDN Labs’ goal is to increase the security and resilience of the Internet, for instance by developing an open platform that protects the Internet and end-users for compromised IoT devices.

Communication: SSI uses Canvas for submissions, but also has it’s own dedicated website (https://courses.sidnlabs.nl/ssi). Feel free to browse around and check the papers to find out it they trigger your interest.