1. InfoconDB
  2. Black Hat
  3. Black Hat USA 2017
  4. IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices

IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices

Presented at Black Hat USA 2017, July 27, 2017, 5 p.m. (60 minutes)

<span>In recent years, the emerging Internet-of-Things (IoT) has led to rising concerns about the security of networked embedded devices. There is a strong need to develop suitable and cost-efficient methods to find vulnerabilities in IoT devices - in order to address them before attackers take advantage of them. In the previous Black Hat conference, conventional honeypot technology has been discussed multiple times. In this work, we focus on the adaptation of honeypots for improving the security of IoTs, and argue why we need to have a huge innovation to build honeypot for IoT devices. </span><div><br></div><div>Due to the heterogeneity of IoT devices, manually crafting the low-interaction honeypot is not affordable; on the other hand, we cannot purchase all of the physical IoT devices to build high-interaction honeypot. This dilemma forced us to seek an innovative way to build honeypot for IoT devices. We propose an automatic way to learn the behavioral knowledge of IoT devices and build "intelligent-interaction" honeypot. We also leverage multiple machine learning techniques to improve the quality and quantity.</div>

Presenters:

  • Zhaoyan Xu - Security Researcher, \
    Zhaoyan Xu is a research engineer at Palo Alto Networks, CA, United States. He joined Palo Alto Networks in 2014 and worked in the area of Internet security. He earned his PhD degree from Texas A&M University, College Station in 2014. His research interests include web security, malware analysis, detection and system security.
  • Xin Ouyang - Sr Manager, SW Engineering, Palo Alto Networks
    Xin Ouyang is a researcher in the Security Research Group of Palo Alto Networks. His research focuses on the network security research related field.
  • Tongbo Luo - Security Researcher, \
    Tongbo Luo is a Principle Security Researcher at Palo Alto Networks. His current research interests include cybersecurity, mobile security and security data analysis. He obtained his MS and PhD in computer science from Syracuse University in 2014. He is active on mobile security, cyber security, IoT security and applied machine learning for security problems.
  • Xing Jin - Security Researcher, \
    .

Links:

Similar Presentations: