Security Analysis of the Internet of Things: Hack, Art and Science of Fuzz Testing
Date and Time
Location
Hosts
Registration
- Date: 19 Apr 2024
- Time: 11:00 AM to 12:00 PM
- All times are (UTC-05:00) Central Time (US & Canada)
- Add Event to Calendar
- 301 Sparkman Drive
- Huntsville, Alabama
- United States 35899
- Building: Engineering Building
- Room Number: ENG 258
- Click here for Map
- Contact Event Host
- Co-sponsored by UAH Electrical and Computer Engineering Department
Speakers
Dr. Mengfei Ren
Security Analysis of the Internet of Things: Hack, Art and Science of Fuzz Testin
With the rapid expansion of the Internet of Things (IoT) market, innovative wireless communication protocols such as Zigbee protocol have gained widespread adoption to minimize resource consumption in IoT devices. Recent revelations of numerous serious vulnerabilities within these
protocols have significantly impacted various IoT manufacturers and their devices. Consequently, it becomes imperative to perform security testing on those resource-constrained protocols. However, implementing existing vulnerability detection methods like fuzzing for these protocols proves challenging because of vendor-specific requirements and unique hardware configurations. This
presentation will focus on the examination of security concerns within IoT systems using the widely used Zigbee wireless protocol as a case study. The presentation will discuss the cutting-edge solutions for identifying security vulnerabilities in IoT networks. Further, we will explore the application of fuzz testing, a prominent technique, to Zigbee protocol implementations, addressing the practical
technical hurdles involved. Finally, we will conclude by outlining intriguing areas for future research, including a roadmap for comprehensive fuzz testing within IoT systems.
Biography:
Mengfei Ren received her Ph.D. in Computer Science and a Master of Computer Science from University of Texas at Arlington in 2023 and 2013 in Arlington, TX, USA. She is currently an Assistant Professor in the Electrical and Computer Engineering Department at UAH. Dr. Ren’s research interests span software engineering and cybersecurity, particularly on applying advanced software testing techniques to detect security vulnerabilities in IoT system and AI-based software applications. Her research has disclosed several 0-day vulnerabilities in a mainstream Zigbee protocol stack. Currently,
her research focuses on developing robust and integrative security analysis platform for detecting security problems in IoT wireless protocols and modern compilers. For details visit the Mengfei Ren (mengfei-ren.github.io)
Media
Event Information | 285.85 KiB |