FloCon 2018 has ended
Tucson, AZ – January 8-11, 2018


Watch this space for details on the technical program for FloCon 2018. In the meantime, see the FloCon website at www.cert.org/flocon.
Back To Schedule
Thursday, January 11 • 1:30pm - 2:00pm
Automated Detection and Analysis of IoT Network Traffic Through Distributed Open Source Sensors and Citizen Scientists

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

The Internet of Things (IoT) is revolutionizing how we think of computing. Between home automation and wearable technology more and more low power devices are being deployed at an accelerated rate.  Unfortunately, it seems we have not learned from security mistakes of the past. Major attacks like the Marai Botnet were possible because of simple mistakes in software design. As the market has not yet reacted to demand that security be built in from the ground up what can we do to protect the IoT?

This talk will cover securing the Internet of Things (IoT) through network based detection leveraging low cost distributed sensing, machine learning and citizen scientists. The platforms, communications and use cases of IoT are varying enough that traditional IDS signatures are not the right solution. Behavioral based approaches will be required to catch the ever-changing attacks on the IoT.

Using citizen scientists to deploy open platform sensors users can help to detect and monitor IoT threats in real time. By enpowering the citizen scientist through local visualization that is performed on an interactive touch screen on the sensor we can create more situational awareness around the security of their networks.

Through the collection of NetFlow, DNS and IP reputation data at the sensor, initial triage is performed before being sent to a cloud based machine learning environment.  The machine learning environment is also fed information from a system of distributed IoT honeypots to ensure attack data is continually analyzed by the cloud.

Through this system we will secure the end users IoT devices and create additional awareness around information security.  The data is also available for researchers to assist is additional study.

Attendees will learn: This talk will challenge security researchers to think outside the box of our research community and how we can better work to educate end users about security issues.

avatar for Joe McManus

Joe McManus

Professor, University of Colorado
Joe McManus is an expert in the field of information security with years of experience in research and industry. Joe leads the Network Security masters program in the ITP department at CU Boulder. Prior to joining ITP, Joe was a researcher at CERT, part of the Software Engineering... Read More →

Thursday January 11, 2018 1:30pm - 2:00pm MST
Presidio III, IV, V

Attendees (6)