1 / 10

Securing Device and Network Communications: the CoNSEL Lab @ TAU/EE

The CoNSEL Lab at Tel Aviv University, led by Prof. Avishai Wool, focuses on securing device and network communications, emphasizing critical areas such as SCADA systems, wireless security, and side-channel cryptography. Our team, including Ph.D. and M.Sc. students, conducts ongoing research into technologies like RFID, Bluetooth, and Modbus/TCP protocol analysis. We aim to develop robust intrusion detection systems and assess vulnerabilities in industrial control systems and payment technologies. Join us as we explore innovative approaches to maintain secure communication networks.

vaughan
Télécharger la présentation

Securing Device and Network Communications: the CoNSEL Lab @ TAU/EE

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Prof. Avishai Wool: Securing Device and Network Communications: the CoNSEL Lab @ TAU/EE School of Electrical Engineering, Tel Aviv University

  2. Who we are • Prof. Avishai Wool • Ph.D. Student • Amit Kleinman • M.Sc. Students: • DvirSchirman • Noam Erez • AsafTzur • OfirWeisse • Undergradute student • Gal Lerner • Many past members

  3. What we do (2013 snapshot) • Control networks • SCADA: On-going • Wireless Security: • RFID: Prox-cards (payments, access systems, passports, Israeli e-voting) • Side-channel cryptography • Other projects: • RFID: EPC-Gen2 (product labels) • Bluetooth, anti-malware, OS, file systems, …

  4. Example – Power Plant (Coal) On the outside Industrial Sketch

  5. On inside: Typical Components HMI Modbus/TCP (e.g. over Ethernet)

  6. SCADA network security • Industrial control systems (energy, chemical, …) • Control protocol is not protected • Access to control net  “Pwn” all PLCs • Our work: • analyze & model Modbus/TCP protocol • Identify designs for accurate IDS systems • Experiment [TAU has a live Modbus network!]

  7. RFID Prox-card technology • 5cm range • Access systems, transportation, credit cards, passports, Israeli e-vote • Relay attacks • (Extended-range) Jamming • card-to-reader range extension

  8. Range extension attacks Leech Relay Leech Extended range Extended range Ghost Ghost

  9. Side-Channel Cryptanalysis • Devices include secret cryptographic keys • Car alarm systems (keeloq), Cellular SIM cards, … • With device in lab, collect input+output pairs • … plus side channel • E.g., Power consumption trace sampled by scope • Extract secret keys • Our work: algorithms that need very few traces, and can deal with measurement error

  10. Contact: yash@eng.tau.ac.il http://www.eng.tau.ac.il/~yash Questions?

More Related