SSI

4TU.CybSec Syllabus Security Services for the Internet of Things (SSI)
4TU Delft
4TU Eindhoven
4TU Twente
4TU Wageningen

Credits: 5EC

Prerequisites: Network Security (ET4397IN) or Internet Security (192654000)

Delivery: This course is not tele-lectured.

Capacity: 18 students maximum.

Motivation: The “Internet of Things” (IoT) is expected to connect trillions of everyday objects to the Internet, such as cars, traffic lights, door locks, and light bulbs. While the IoT promises us to save time and effort in our daily lives, it also poses a large-scale security threat because many IoT devices are insecure. Adversaries for instance exploit these vulnerabilities to launch massive DDoS  attacks, such as the 1 Tbps+ DDoS attacks on GitHub and DNS provider Dyn, of which the latter led to large-scale outages of popular services such as Spotify and Twitter. Insecure devices also jeopardize the privacy and safety of users, for instance because they enable adversaries to capture the video feed of online baby monitors or stealthily open doors and windows.

Security Services for the IoT (SSI) is a course on IoT security, with a particular focus on home networks, which are typically the least secure.

Synopsis: SSI provides you with an overview of current IoT security challenges and technical solutions to address them, for instance using profiles that describe the behavior of IoT devices, measurement systems, and “reverse firewalls” that block outgoing DDoS traffic. SSI will test your ability to understand, apply, and modify a few of these solutions.

SIDN Labs will provide the study material for SSI, which will consist of (1) a set of scientific papers and (draft) IETF RFCs for everyone to study and present and (2) a hands-on exercise to measure the behavior of IoT devices and describe it in a device profile. SIDN Labs will be providing a mini-router with experimental software to use, which is yours to keep.

Learning outcomes:  After successful completion of SSI you will:

  • Understand IoT concepts and applications, security threats, technical solutions, and a few relevant standardization efforts in the IETF
  • Be able to analyze network traffic of IoT devices and create device profiles that describe this behavior.
  • Understand the operational business of DNS operators and the impact the IoT may have on them (industry perspective).

Lecturers: Dr Aiko Pras (UT) and Dr Cristian Hesselman (SIDN Labs)

Examination:  100% based on assignments.

Contents:

  • Overview of IoT concepts and applications
  • IoT security threats
  • Device description languages
  • IoT and threat measurement systems
  • Mitigation functions
  • IoT standardization in the IETF

Core text: Various papers from the literature.

Interaction: SSI is a highly interactive course in which students for instance report on papers they have studied and engage in technical discussions with their peers. The number of students is therefore limited to 18 and they will need to attend all lectures in person at the University of Twente (remote participation will not be available). A few seats will be available for students from Delft University of Technology.

Organisation: SSI is a collaboration between the University of Twente and SIDN Labs (www.sidnlabs.nl), the research department of the domain name registry for the Netherlands’ top-level domain, .nl. SIDN Labs’ goal is to increase the security and resilience of the Internet, for instance by developing an open platform that protects the Internet and end-users for compromised IoT devices.

Credits: 5EC

Prerequisites: Network Security (ET4397IN) or Internet Security (192654000)

Delivery: This course is not tele-lectured.

Capacity: 18 students maximum.

Motivation: The “Internet of Things” (IoT) is expected to connect trillions of everyday objects to the Internet, such as cars, traffic lights, door locks, and light bulbs. While the IoT promises us to save time and effort in our daily lives, it also poses a large-scale security threat because many IoT devices are insecure. Adversaries for instance exploit these vulnerabilities to launch massive DDoS  attacks, such as the 1 Tbps+ DDoS attacks on GitHub and DNS provider Dyn, of which the latter led to large-scale outages of popular services such as Spotify and Twitter. Insecure devices also jeopardize the privacy and safety of users, for instance because they enable adversaries to capture the video feed of online baby monitors or stealthily open doors and windows.

Security Services for the IoT (SSI) is a course on IoT security, with a particular focus on home networks, which are typically the least secure.

Synopsis: SSI provides you with an overview of current IoT security challenges and technical solutions to address them, for instance using profiles that describe the behavior of IoT devices, measurement systems, and “reverse firewalls” that block outgoing DDoS traffic. SSI will test your ability to understand, apply, and modify a few of these solutions.

SIDN Labs will provide the study material for SSI, which will consist of (1) a set of scientific papers and (draft) IETF RFCs for everyone to study and present and (2) a hands-on exercise to measure the behavior of IoT devices and describe it in a device profile. SIDN Labs will be providing a mini-router with experimental software to use, which is yours to keep.

Learning outcomes:  After successful completion of SSI you will:

  • Understand IoT concepts and applications, security threats, technical solutions, and a few relevant standardization efforts in the IETF
  • Be able to analyze network traffic of IoT devices and create device profiles that describe this behavior.
  • Understand the operational business of DNS operators and the impact the IoT may have on them (industry perspective).

Lecturers: Dr Aiko Pras (UT) and Dr Cristian Hesselman (SIDN Labs)

Examination:  100% based on assignments.

Contents:

  • Overview of IoT concepts and applications
  • IoT security threats
  • Device description languages
  • IoT and threat measurement systems
  • Mitigation functions
  • IoT standardization in the IETF

Core text: Various papers from the literature.

Interaction: SSI is a highly interactive course in which students for instance report on papers they have studied and engage in technical discussions with their peers. The number of students is therefore limited to 18 and they will need to attend all lectures in person at the University of Twente (remote participation will not be available). A few seats will be available for students from Delft University of Technology.

Organisation: SSI is a collaboration between the University of Twente and SIDN Labs (www.sidnlabs.nl), the research department of the domain name registry for the Netherlands’ top-level domain, .nl. SIDN Labs’ goal is to increase the security and resilience of the Internet, for instance by developing an open platform that protects the Internet and end-users for compromised IoT devices.

SSI

Credits: 5EC

Prerequisites: Network Security (ET4397IN) or Internet Security (192654000)

Delivery: This course is not tele-lectured.

Capacity: 18 students maximum.

Motivation: The “Internet of Things” (IoT) is expected to connect trillions of everyday objects to the Internet, such as cars, traffic lights, door locks, and light bulbs. While the IoT promises us to save time and effort in our daily lives, it also poses a large-scale security threat because many IoT devices are insecure. Adversaries for instance exploit these vulnerabilities to launch massive DDoS  attacks, such as the 1 Tbps+ DDoS attacks on GitHub and DNS provider Dyn, of which the latter led to large-scale outages of popular services such as Spotify and Twitter. Insecure devices also jeopardize the privacy and safety of users, for instance because they enable adversaries to capture the video feed of online baby monitors or stealthily open doors and windows.

Security Services for the IoT (SSI) is a course on IoT security, with a particular focus on home networks, which are typically the least secure.

Synopsis: SSI provides you with an overview of current IoT security challenges and technical solutions to address them, for instance using profiles that describe the behavior of IoT devices, measurement systems, and “reverse firewalls” that block outgoing DDoS traffic. SSI will test your ability to understand, apply, and modify a few of these solutions.

SIDN Labs will provide the study material for SSI, which will consist of (1) a set of scientific papers and (draft) IETF RFCs for everyone to study and present and (2) a hands-on exercise to measure the behavior of IoT devices and describe it in a device profile. SIDN Labs will be providing a mini-router with experimental software to use, which is yours to keep.

Learning outcomes:  After successful completion of SSI you will:

  • Understand IoT concepts and applications, security threats, technical solutions, and a few relevant standardization efforts in the IETF
  • Be able to analyze network traffic of IoT devices and create device profiles that describe this behavior.
  • Understand the operational business of DNS operators and the impact the IoT may have on them (industry perspective).

Lecturers: Dr Aiko Pras (UT) and Dr Cristian Hesselman (SIDN Labs)

Examination:  100% based on assignments.

Contents:

  • Overview of IoT concepts and applications
  • IoT security threats
  • Device description languages
  • IoT and threat measurement systems
  • Mitigation functions
  • IoT standardization in the IETF

Core text: Various papers from the literature.

Interaction: SSI is a highly interactive course in which students for instance report on papers they have studied and engage in technical discussions with their peers. The number of students is therefore limited to 18 and they will need to attend all lectures in person at the University of Twente (remote participation will not be available). A few seats will be available for students from Delft University of Technology.

Organisation: SSI is a collaboration between the University of Twente and SIDN Labs (www.sidnlabs.nl), the research department of the domain name registry for the Netherlands’ top-level domain, .nl. SIDN Labs’ goal is to increase the security and resilience of the Internet, for instance by developing an open platform that protects the Internet and end-users for compromised IoT devices.

Credits: 5EC

Prerequisites: Network Security (ET4397IN) or Internet Security (192654000)

Delivery: This course is not tele-lectured.

Capacity: 18 students maximum.

Motivation: The “Internet of Things” (IoT) is expected to connect trillions of everyday objects to the Internet, such as cars, traffic lights, door locks, and light bulbs. While the IoT promises us to save time and effort in our daily lives, it also poses a large-scale security threat because many IoT devices are insecure. Adversaries for instance exploit these vulnerabilities to launch massive DDoS  attacks, such as the 1 Tbps+ DDoS attacks on GitHub and DNS provider Dyn, of which the latter led to large-scale outages of popular services such as Spotify and Twitter. Insecure devices also jeopardize the privacy and safety of users, for instance because they enable adversaries to capture the video feed of online baby monitors or stealthily open doors and windows.

Security Services for the IoT (SSI) is a course on IoT security, with a particular focus on home networks, which are typically the least secure.

Synopsis: SSI provides you with an overview of current IoT security challenges and technical solutions to address them, for instance using profiles that describe the behavior of IoT devices, measurement systems, and “reverse firewalls” that block outgoing DDoS traffic. SSI will test your ability to understand, apply, and modify a few of these solutions.

SIDN Labs will provide the study material for SSI, which will consist of (1) a set of scientific papers and (draft) IETF RFCs for everyone to study and present and (2) a hands-on exercise to measure the behavior of IoT devices and describe it in a device profile. SIDN Labs will be providing a mini-router with experimental software to use, which is yours to keep.

Learning outcomes:  After successful completion of SSI you will:

  • Understand IoT concepts and applications, security threats, technical solutions, and a few relevant standardization efforts in the IETF
  • Be able to analyze network traffic of IoT devices and create device profiles that describe this behavior.
  • Understand the operational business of DNS operators and the impact the IoT may have on them (industry perspective).

Lecturers: Dr Aiko Pras (UT) and Dr Cristian Hesselman (SIDN Labs)

Examination:  100% based on assignments.

Contents:

  • Overview of IoT concepts and applications
  • IoT security threats
  • Device description languages
  • IoT and threat measurement systems
  • Mitigation functions
  • IoT standardization in the IETF

Core text: Various papers from the literature.

Interaction: SSI is a highly interactive course in which students for instance report on papers they have studied and engage in technical discussions with their peers. The number of students is therefore limited to 18 and they will need to attend all lectures in person at the University of Twente (remote participation will not be available). A few seats will be available for students from Delft University of Technology.

Organisation: SSI is a collaboration between the University of Twente and SIDN Labs (www.sidnlabs.nl), the research department of the domain name registry for the Netherlands’ top-level domain, .nl. SIDN Labs’ goal is to increase the security and resilience of the Internet, for instance by developing an open platform that protects the Internet and end-users for compromised IoT devices.