IoT and 5G Security: Discovering Wireless Protocol Vulnerability through Fuzzing

  • 15 May 2024
  • 7:00 PM - 9:00 PM
  • 8 Wilkie Road #03-08, Wilkie Edge Singapore 228095
  • 9

Registration

  • (You have not signed up as a member with the local Singapore Chapter)



SYNOPSIS


In this talk, Prof. Sudipta and Dr. Matheus E. Garbelini will provide an overview of their work over the past few years on Wireless Fuzzing. Specifically, they will outline some key challenges they faced in automatically testing COTS wireless devices over-the-air and how these challenges were overcome to develop their security testing technology. They will discuss how their technology has evolved from a generational approach to what they now call man-in-the-middle fuzzing, and how this method uncovered more than 70 security flaws in wireless devices implementing a diverse range of protocols, such as Wi-Fi, BLE, Bluetooth BR/EDR, Zigbee, CoAP, and, more recently, 5G NR.



AGENDA

6:45PM - 7.25PM - Registration, light dinner & networking

7:25PM - 7.30PM - Introduction of Speaker

7.30PM - 8:30PM - IoT and 5G Security: Discovering Wireless Protocol Vulnerability through Fuzzing (including a live demo on a 5G attack on smartphones) by Prof. Sudipta and Dr. Matheus E. Garbelini

8:30PM - 8:45PM - Q&A & Wrap-Up



ABOUT THE SPEAKERS


Dr. Sudipta Chattopadhyay, Associate Professor at Singapore University of Technology and Design (SUTD)


Sudipta received the Ph.D. degree in computer science from the National University of Singapore, in 2013. He is an Assistant Professor with the Information Systems Technology and Design Pillar, Singapore University of Technology and Design, Singapore. His general research interests lie in the broad area of cyber security including but not limited to security for AI, Wireless Technologies, and Internet of Things (IoTs). Together with his student, he discovered SweynTooth, BrakTooth and 5Ghoul, families of Bluetooth and 5G NR vulnerabilities that affect billions of devices worldwide. His research has been featured in WIRED, PC Magazine, Hacker News, among others. His discovery has also generated cyber security alerts from government regulatory agencies including CSA (Singapore), DHS, and FDA.


Dr. Matheus Garbelini, PhD, Research Fellow at Singapore University of Technology and Design (SUTD)


Matheus is a research fellow at SUTD and a White Hat Wireless Hacker by hobby. With his academic background in Electronics Engineering and Computer Science, he has been using automated wireless fuzzing techniques to find flaws in IoT firmware since 2019. Through his research, he discovered implementation vulnerabilities in the chipset of countless Bluetooth, Wi-Fi, and 5G commercial IoT devices. As a result, Matheus's work has raised worldwide awareness among the cybersecurity community about the importance of effectively testing low-level, yet complex wireless protocols before deploying it downstream into the IoT product market.


***************************************************************


This is a chapter professional development event thus 1.5 CPE hours will be available for your CPE submission. To facilitate submission of CPE points on your behalf by the local chapter - please identify yourself clearly with <ISC2 membership number+ your full name when you sign up or during registration onsite.


Notes:

1) As spaces are limited, if you cannot attend after registering, please cancel your registration or email info@isc2chapter.sg at least 2 business days before the event.


2) For ISC2 members residing in Singapore who are not yet members of our local Singapore Chapter, please sign up with us through our ISC2 Singapore Chapter website under "Membership-Join us"

 - https://www.isc2chapter.sg/join-us


Membership Rates:
Professional Member: $50/year
Associate Member (Non-credential holders): $30/year
Student Member: $10/year


© Copyright 2024. ISC2 Singapore Chapter. All Rights Reserved.

Powered by Wild Apricot Membership Software