2019 | Book

The IoT Hacker's Handbook

A Practical Guide to Hacking the Internet of Things


About this book

Take a practitioner’s approach in analyzing the Internet of Things (IoT) devices and the security issues facing an IoT architecture.
You’ll review the architecture's central components, from hardware communication interfaces, such as UART and SPI, to radio protocols, such as BLE or ZigBee. You'll also learn to assess a device physically by opening it, looking at the PCB, and identifying the chipsets and interfaces. You'll then use that information to gain entry to the device or to perform other actions, such as dumping encryption keys and firmware.

As the IoT rises to one of the most popular tech trends, manufacturers need to take necessary steps to secure devices and protect them from attackers. The IoT Hacker's Handbook breaks down the Internet of Things, exploits it, and reveals how these devices can be built securely.
What You’ll Learn
Perform a threat model of a real-world IoT device and locate all possible attacker entry points
Use reverse engineering of firmware binaries to identify security issues
Analyze, assess, and identify security issues in exploited ARM and MIPS based binaries
Sniff, capture, and exploit radio communication protocols, such as Bluetooth Low Energy (BLE), and ZigBee

Who This Book is For
Those interested in learning about IoT security, such as pentesters working in different domains, embedded device developers, or IT people wanting to move to an Internet of Things security role.

Table of Contents

Frontmatter
Chapter 1. Internet of Things: A Primer
Abstract
In the world of communication technology, two of the events that hold special significance are the invention of ARPANET, a computer network allowing computers to exchange data even when being geographically separate, and the rise of the Internet of Things (IoT). The latter, however, was an evolving process instead of a single event. The earliest implementations of the IoT concept occurred when a couple of Carnegie Mellon University students found a way to monitor the number of cans remaining in a vending machine by allowing devices to communicate with the external world. They did this by adding a photosensor to the device that would count every time a can left the vending machine, and thus, the number of remaining cans was calculated. These days IoT devices are capable of monitoring your heart rate, and even controlling it if required in the case of an adverse event. Moreover, some IoT devices can now serve as a source of evidence during trials in court, as seen in late 2015, when the FitBit data of a woman was used in a murder trial. Other incidents include usage of pacemaker data and Amazon Echo recordings in various court trials. The journey of IoT devices from a university dorm room to being present inside human beings is fascinating, to say the least.
Aditya Gupta
Chapter 2. Performing an IoT Pentest
Abstract
In this chapter, we learn how to perform an IoT pentest and understand the first element of it, which is attack surface mapping. A lot of pentesters have not yet been able to move to IoT penetration testing because of the lack of knowledge of how to perform an IoT pentest: What are the different components involved? What tools should be used? How do you execute the overall pentest?
Aditya Gupta
Chapter 3. Analyzing Hardware
Abstract
This is probably the most important chapter for you if you have never played with hardware before. In this chapter, we have a look at how we can understand an IoT device’s hardware from a security perspective for both internal and external analysis. The device, as we have seen in the earlier chapters, is one of the key components in any IoT product. It is the device component that can help reveal many secrets about the device to us, which we can also see later in this chapter.
Aditya Gupta
Chapter 4. UART Communication
Abstract
Universal Asynchronous Receiver/Transmitter (UART) is a method of serial communication allowing two different components on a device to talk to each other without the requirement of a clock. We consider UART in depth in this chapter as it is one of the most popular communication interfaces that has great significance in IoT security and penetration testing. There is also something known as Universal Synchronous/Asynchronous Receiver/Transmitter (USART), which transmits data both synchronously and asynchronously depending on the requirement; however, we have not seen a lot of devices using it. For that reason, we won’t be covering USART, and focus instead on UART.
Aditya Gupta
Chapter 5. Exploitation Using I2C and SPI
Abstract
In this chapter, we have a look at two of the other (apart from UART) most common serial protocols, namely I2C (pronounced I-2-C or I-square-C) and SPI, and see how they are useful for our security research and exploitation of IoT devices. Both SPI and I2C are useful bus protocols used for data communications between different components in an embedded device circuit. SPI and I2C have many similarities and a couple of differences in the way they function and how we interact with them.
Aditya Gupta
Chapter 6. JTAG Debugging and Exploitation
Abstract
In the preceding chapters, we looked at various communication protocols, such as UART, SPI, and I2C. In this chapter, we cover JTAG, which is a bit different from what we have seen so far, and is not exactly a communication protocol. JTAG is a widely misunderstood concept, even within the security community.
Aditya Gupta
Chapter 7. Firmware Reverse Engineering and Exploitation
Abstract
In the preceding chapters, you learned about the attacking of IoT devices using hardware and embedded exploitation techniques. This chapter focuses on the firmware exploitation with which we can exploit the device.
Aditya Gupta
Chapter 8. Exploiting Mobile, Web, and Network for IoT
Abstract
In this chapter, we look at some of the additional ways of exploiting IoT devices, which are through the mobile application, web application, and network penetration testing skills.
Aditya Gupta
Chapter 9. Software Defined Radio
Abstract
So far, we have covered a number of topics for various kinds of software and hardware exploitation. In this chapter, we shift our attention to one of the other core components in any IoT device architecture, communication.
Aditya Gupta
Chapter 10. Exploiting ZigBee and BLE
Abstract
Now that we have a good enough familiarity with radio communications and SDR, it is time to look at some of the most commonly used radio communication protocols, ZigBee and BLE.
Aditya Gupta
Backmatter
Metadata
Title
The IoT Hacker's Handbook
Written by
Aditya Gupta
Copyright year
2019
Publisher
Apress
Electronic ISBN
978-1-4842-4300-8
Print ISBN
978-1-4842-4299-5
DOI
https://doi.org/10.1007/978-1-4842-4300-8