Daniel Bastos

Topic: 
Multi-Staged Attacks & Advanced Malware
Research work: 

To develop techniques that improve the likelihood of detecting evasions unfolding of potentially long periods of time. To develop new defence mechanisms for general classes of malware including as-yet unseen variants of current examples and defences that combine protection against binary-exploits with likely use of social engineering and other mechanisms (such as privilege escalation) in multi-stage attacks.

ESRs Publications

Description:

With the introduction of the Amazon Echo family and Google devices like Chromecast and Home the adoption of IoT devices in the household is bound to increase exponentially this year. While usability is at the front and centre of the experience to facilitate the adoption and use of these new devices, security and privacy are often an afterthought. As a consequence, a dangerous environment of opportunity is available for malicious actors to exploit vulnerable devices sitting in domestic houses. Recent history shows that an attack on IoT devices can be both easy and have destructive consequences, with Internet services like Dyn suffering huge DDoS attacks that affected millions of Internet users. In addition, lots of cheap devices are being released in the market with little to zero security features. Therefore, it’s of paramount importance to address the security issues in the IoT space, especially in home and city environments. Privacy and individual safety are at risk given how personal these devices are and how they are going to shape the future of society. This paper presents a comprehensive survey of current IoT technologies and security issues with a focus on the Smart Home and City environments. We discuss possible solutions for improving IoT security that not only focus on today’s endpoint device security issues, but also the anticipated future attacks on data protocols and connectivity.