Things Security

July 2015Prepared and presented by Dony Riyanto

Powered by:

AGENDA

• Introduction• What and Where• Basic of Infosec• Entities & Transport Layer• Type of attacks• Demo

What and Where (1)

Well known boards:• Arduino family• Raspberry Pi• Beaglebone• Galileo & Edison• Odroid• Many more

What and Where (1)

Basic of Infosec

• Confidentiality• Integrity• Availability

https://en.wikipedia.org/wiki/Information_security

Entities and Layers

What to protects?• Data• Control• Enough?

When?• Acquiring• Storing• Transporting• Processing

How we transport?• Local network

• Private over public• Host to host leased line

• Public network

Questions to ask:• How important security

for your projects/org?• Do you really need to store it?• Anonymize earlier or later?

When we talk about IoT, physical access does mater…

Some Sorts of Attack

A. Physical Attack, ASIC/hardware hacking , Mal firmware/ Spy firmwareB. Man In The Middle/injection, JammerC. Network firmware / Router attackD. DDOS, Gain control, Scam/Phishing/RedirectionE. Data center security breach, Man In The Middle, InjectionF. Data center security breach, scam/fraud

A

BC

D E

G

*News

http://investors.proofpoint.com/releasedetail.cfm?ReleaseID=819799

Case StudyBikin stasiun cuaca dan sensor tanah untuk area ladang jagung yang tersebar di 120HA

Tantangan:- Gabungan dari berbagai sensor, menyebabkan harus ada sensor yang

berada ditanah, ditengah (memudahkan pemasangan) dan tinggi (pengirim sinyal wifi)

- Tidak ada/sulit listrik (PLN)- Kondisi musim hujan (minim intensitas matahari) namun harus

mengambil data akurat near realtime- Unit harus ekonomis (terjangkau petani), tetapi juga harus aman.

Jangan sampai di ‘colong’ maling/orang tidak bertanggungjawab- Dsb

Bonus :)

• DIY Home Electricity Relay• Bikin relay listrik sederhana menggunakan

bahan-bahan listrik yang umum di toko listrik + arduino nano

• Pengembangan lebih lanjut bisa dipasang PIR/temper sensor atau WiFi module untuk koneksi/report jarak jauh

Thank You