|Title:||Think like an Adversary - Security Analysis of Embedded Systems|
|Date:||January 29, 2015 (Thursday)|
|Time:||10:30 a.m. - 11:30 a.m.|
|Venue:||Room 121, 1/F, Ho Sin-hang Engineering Building,
The Chinese University of Hong Kong,
|Speaker:||Prof. Wenyuan Xu
College of Electrical Engineering
Security is typically an afterthought but not considered during the initial system design. As a result, many systems were designed with good intention but are insecure: tire pressure monitoring systems (TPMS) were intended to improve road safety and fuel economy; automatic metering reading (AMR) systems were designed to reduce the burden of manually collecting utility consumption; and implantable medical devices (such as pacemakers) were designed to help patients to cope with diseases. However, the security of those systems is not well understood as many of their protocols are proprietary. In this talk, we present case studies analyzing the first mandated in-car sensor networks (TPMS), widely deployed AMR utility meters, commonly used microphones, and even pacemakers, using a low-cost out-of-shelf software radio platform (USRP). We show that all these systems are vulnerable to attacks that range from wireless eavesdropping to RF interference injection. This leads to privacy concerns as vehicles can be tracked through the identifiers of TPMS or residents’ activities can be recognized through the periodic meter reading reports. In addition, these systems do not employ authentication or basic input validation, thereby allowing for remote spoofing of sensor manipulation. The talk concludes with a set of recommendations for improving the privacy and security of tire pressure monitoring systems, ARM utility meters, and other forthcoming consumer wireless networks.
Wenyuan Xu received her B.S. degree in electrical engineering with the highest honor from Zhejiang University in 1998, an M.S. degree in computer science and engineering from Zhejiang University in 2001, and the Ph.D. degree in electrical and computer engineering from Rutgers University in 2007. She is a professor in the college of Electrical Engineering, Zhejiang University, and an associate professor in the Department of Computer Science and Engineering, University of South Carolina. Her research interests include wireless networking, network security and privacy. Dr. Xu is a co-author of the book Securing Emerging Wireless Systems: Lower-layer Approaches, Springer, 2009. She received the United State NSF Career Award in 2009 and was selected as the 1000 Young talents of China in 2012. She has served on the technical program committees for several IEEE/ACM conferences on wireless networking and security, and she currently serves as the associate editor of EURASIP Journal on Information Security, Ad Hoc & Sensor Wireless Networks (AHSWN), International Journal of Autonomous and Adaptive Communications Systems (IJAACS).
Enquiries: Miss Evelyn Lee at tel 3943 8444
For more information, please refer to http://www.cse.cuhk.edu.hk/seminar.