1 / 10

Securing Device and Network Communications: the CoNSEL Lab @ TAU/EE

Prof. Avishai Wool :. Securing Device and Network Communications: the CoNSEL Lab @ TAU/EE. School of Electrical Engineering, Tel Aviv University. Who we are. Prof. Avishai Wool Ph.D. Student Amit Kleinman M.Sc. Students: Dvir Schirman Noam Erez Asaf Tzur Ofir Weisse.

vaughan
Download Presentation

Securing Device and Network Communications: the CoNSEL Lab @ TAU/EE

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Prof. Avishai Wool: Securing Device and Network Communications: the CoNSEL Lab @ TAU/EE School of Electrical Engineering, Tel Aviv University

  2. Who we are • Prof. Avishai Wool • Ph.D. Student • Amit Kleinman • M.Sc. Students: • DvirSchirman • Noam Erez • AsafTzur • OfirWeisse • Undergradute student • Gal Lerner • Many past members

  3. What we do (2013 snapshot) • Control networks • SCADA: On-going • Wireless Security: • RFID: Prox-cards (payments, access systems, passports, Israeli e-voting) • Side-channel cryptography • Other projects: • RFID: EPC-Gen2 (product labels) • Bluetooth, anti-malware, OS, file systems, …

  4. Example – Power Plant (Coal) On the outside Industrial Sketch

  5. On inside: Typical Components HMI Modbus/TCP (e.g. over Ethernet)

  6. SCADA network security • Industrial control systems (energy, chemical, …) • Control protocol is not protected • Access to control net  “Pwn” all PLCs • Our work: • analyze & model Modbus/TCP protocol • Identify designs for accurate IDS systems • Experiment [TAU has a live Modbus network!]

  7. RFID Prox-card technology • 5cm range • Access systems, transportation, credit cards, passports, Israeli e-vote • Relay attacks • (Extended-range) Jamming • card-to-reader range extension

  8. Range extension attacks Leech Relay Leech Extended range Extended range Ghost Ghost

  9. Side-Channel Cryptanalysis • Devices include secret cryptographic keys • Car alarm systems (keeloq), Cellular SIM cards, … • With device in lab, collect input+output pairs • … plus side channel • E.g., Power consumption trace sampled by scope • Extract secret keys • Our work: algorithms that need very few traces, and can deal with measurement error

  10. Contact: yash@eng.tau.ac.il http://www.eng.tau.ac.il/~yash Questions?

More Related