Paul McMillan - Attacking the Internet of Things using Time
DEF CON 22 [Materials] Speeches from the Hacker Convention.
English - December 14, 2014 00:25 - 27.6 MBTechnology Education How To def con defcon hacking hacker conference computer security security research defcon 22 def con 22 dc-22 dc22 Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Slides Here: https://defcon.org/images/defcon-22/dc-22-presentations/Mcmillan/DEFCON-22-Paul-Mcmillan-Attacking-the-IOT-Using-timing-attacks.pdf
Attacking the Internet of Things using Time
Paul McMillan SECURITY ENGINEER, NEBULA
Internet of Things devices are often slow and resource constrained. This makes them the perfect target for network-based timing attacks, which allow an attacker to brute-force credentials one character at a time, rather than guessing the entire string at once. We will discuss how timing attacks work, how to optimize them, and how to handle the many factors which can prevent successful exploitation. We will also demonstrate attacks on at least one popular device. After this presentation, you will have the foundation necessary to attack your own devices, and a set of scripts to help you get started.
Paul McMillan is a security engineer at Nebula. He also works on the security teams for several open source projects. When he's not building or breaking the internet, he enjoys, cocktails and photography.