Threats to machine clouds
![Page 2: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/2.jpg)
about: us
Georg-Christian Pranschke
http://www.sensepost.com/blog/7733.html
![Page 3: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/3.jpg)
what we’re going to talk about
• the cloud
• why this talk ?
• machine clouds ?
• results: cursory “testing”
• what does all this mean ?
![Page 4: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/4.jpg)
The Cloud
![Page 5: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/5.jpg)
clobbering the cloud!
![Page 6: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/6.jpg)
cloud security
![Page 7: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/7.jpg)
Why This Talk ?
![Page 8: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/8.jpg)
security threats to machine clouds
• fast growing mobile connectivity
• greater number of connected devices
• management complexity and high costs
• web-based device management for connected devices
• inherits some of the web app threats plus new ones
![Page 9: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/9.jpg)
Machine Clouds ?
![Page 10: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/10.jpg)
machine clouds?
![Page 11: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/11.jpg)
machine clouds?
• home automation
• vehicle tracking
• tele-medicine
• location-based services
• “M2M and connected products are changing our world”
• “safer, simpler and more productive”
• “less cost per year than full-time employee”
• i.e. ATMs monitoring -> access to finances
• i.e. medical equipment -> ensuring very best patient care
• i.e. smart signs -> law enforcement
• i.e. cars -> driving behaviour to insurance carriers
![Page 12: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/12.jpg)
![Page 13: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/13.jpg)
machine cloud ui: the web application
![Page 14: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/14.jpg)
machine - cloud integration
![Page 15: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/15.jpg)
protocol dissection (i)
DHCP response
![Page 16: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/16.jpg)
protocol dissection (ii)
restart request response
![Page 17: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/17.jpg)
machine – cloud interaction (i)
![Page 18: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/18.jpg)
machine – cloud interaction (ii)
![Page 19: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/19.jpg)
connecting a machine
![Page 20: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/20.jpg)
Results: Cursory “Testing”
![Page 21: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/21.jpg)
#include <disclaimer.h>
![Page 22: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/22.jpg)
approach
Business Logic
Application
Infrastructure
web application/web services <<>> “rogue machine”
![Page 23: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/23.jpg)
the environment (i)
![Page 24: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/24.jpg)
the environment (ii)
![Page 25: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/25.jpg)
threat: exposed administrative interfaces
![Page 26: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/26.jpg)
threats: cms layer (i)
![Page 27: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/27.jpg)
threats: cms layer (ii)
![Page 28: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/28.jpg)
threats: cms layer (iii)
![Page 29: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/29.jpg)
threats: web app layer
![Page 30: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/30.jpg)
clickjacking/ui redressing
![Page 31: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/31.jpg)
SDKs (i)
![Page 32: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/32.jpg)
SDKs (ii)
![Page 33: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/33.jpg)
SDKs (iii)
![Page 34: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/34.jpg)
SDKs (iv)
![Page 35: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/35.jpg)
a side note…
![Page 36: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/36.jpg)
transport layer encryption (i)
![Page 37: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/37.jpg)
transport layer encryption (ii)
![Page 38: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/38.jpg)
lame ? (i)
![Page 39: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/39.jpg)
lame ? (ii)
![Page 40: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/40.jpg)
lame ? (iii)
![Page 41: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/41.jpg)
threat: malicious applets
![Page 42: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/42.jpg)
a side note …
![Page 43: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/43.jpg)
threat: rogue machines
![Page 44: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/44.jpg)
putting it all together
• malicious applets
• obtain vendor id or …
• unauthorised connection
• upload of XSS payload or …
• XSS -> session hijacking and …
![Page 45: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/45.jpg)
What Does All This Mean ?
![Page 46: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/46.jpg)
what does all this mean
![Page 47: Threats to machine clouds](https://reader034.fdocuments.us/reader034/viewer/2022042713/54664435af79596f338b502b/html5/thumbnails/47.jpg)
Security Threats to Machine Clouds
Thank You!