08-16, 12:30–14:30 (US/Eastern), Workshop B / Tobin 221
A foundational component of communication between devices is the TCP/IP network stack. Web browsing, streaming video, secure control, and innumerable other applications are built upon this technology. This 3-part demonstration will use open source tools to focus on the data transfer components UDP and TCP while targeting an IoT device. Part 1 is reverse-engineering the network commands to better understand them and then mimic it (a common attack strategy). Network protocols will be discussed during this process. Armed with our new knowledge and skills, part 2 will take them a step further to discover and analyze malware present on the IoT device. Part 3 will cover fundamentals of network latency vs network throughput by forced network degradation. This presentation is light on slides and heavy on demos.
A foundational component of communication between devices is the TCP/IP network stack. Web browsing, streaming video, secure control, and innumerable other applications are built upon this technology. This three-part demonstration will use open source tools to focus on the data transfer components UDP and TCP while targeting an IoT device. Part One is reverse engineering the network commands to better understand them and then mimic it (a common attack strategy). Network protocols will be discussed during this process. Armed with our new knowledge and skills, Part Two will take them a step further to discover and analyze malware present on the IoT device. Part Three will cover fundamentals of network latency versus network throughput by forced network degradation. This presentation is light on slides and heavy on demos.
Dan Nagle is a Senior Principal Software Engineer for Insight Global. In his 20+ years of software development experience, he has written and published apps for desktop, mobile, servers, and embedded. He is the author and inventor of Packet Sender, an app used daily by security researchers, featured in manuals from major tech companies, and is taught in universities around the world. He is also the author of 2 network-related patents and a book published by CRC Press. His open-source contributions have received international awards, and he has presented at many developer conferences (Black Hat, DEF CON, IEEE) about them.