Mastercard-CIC IoT Laboratory | UNB

Global Site Navigation (use tab and down arrow)

Canadian Institute for Cybersecurity

 

Mastercard-CIC IoT Laboratory

Brief Intro to IoT

The Internet of Things (IoT) connects billions of devices ranging from smart rings to large-scale industrial equipment. Currently, there are many landmark applications of IoT technology in diverse sectors such as smart homes, connected cars, smart cities, and e-health. The future of IoT has the potential to be limitless. However, every endpoint that is connected to the Internet is exposed to increased cybersecurity risk and vulnerability. Several research studies have unraveled security vulnerabilities in IoT networks. Top among these cybersecurity issues include vulnerable devices and applications, data privacy, and lack of consensus on common standards. Every connected IoT device is a data collector, they often store and transmit highly private and sensitive data such as health and financial transactions and thus require protection from cybercriminals. Recently, organizations are beginning to recognize the need for employee training and awareness as it relates to IoT threats.

Purpose of the IoT lab and its potential use

 The CIC IoT Security Lab is a centre for research, training, and the automatic testing of IoT endpoints, networks, connectivity protocols, applications, and information security against a set of security requirements and operational conditions. Researchers at CIC will replicate real-world smart IoT networks inside the lab to study security, privacy, and network performance. By hosting several devices, the IoT Security Lab provides a unique opportunity for students, researchers, and other users to experiment with new devices and applications, develop and test novel methods, generate specialized datasets, and apply artificial intelligence techniques to uncover new insights and valuable information for IoT privacy and security. The CIC IoT Security Lab will have a major role in the following areas.
  • Training: innovation and talent development in cybersecurity to prepare highly qualified personnel to meet both current and future needs. The lab will serve as a platform for the Master of Applied Cybersecurity (MACSec) and the Research Intensive Cyber Knowledge Studies (RICS) programs.
  • Research: support for conducting cutting-edge research in cybersecurity. Some of those who will benefit from these include internal and external graduate students of cybersecurity, industry project research, and multidisciplinary research. The CIC is a hub for public cybersecurity datasets used around the world by universities, private industry, and independent researchers. The lab will enable the development of many specialized datasets to support further research.
  • Collaboration: partnerships with other academic institutions, industries, and government agencies to develop transformative solutions to the growing cybersecurity threats and challenges. The lab will serve as a resource for current and future collaboration initiatives such as the CIC-NRC Cybersecurity Collaboration Consortium (CNCCC) geared towards discoveries and advances in cybersecurity including publications, patents, and the commercialization of technology solutions.
  • Testing: serve as a testbed for conducting rigorous, transparent, and replicable testing of the security and privacy status of existing and new IoT technologies. The testbed setup consists of a Faraday cage (shielded room) for testing the vulnerability of IoT devices and various systems architectures. The testbed currently supports various communication protocols such as Bluetooth, Wi-Fi, Z-Wave, and ZigBee and can serve the needs of many vendors.

Design of lab architecture and is its description

The CIC IoT Security Lab is designed to support experimental security and privacy research, training, and industry collaboration in consumer (wearable and smart home) and industrial IoT (smart grid) uses cases.

 

 

Wearable Security Lab

The CIC Wearable Security Lab serves as a:

  • hub for research and innovation in the domain of wearable IoT security and privacy. Some of the use case scenarios include vulnerability scans, identifying malicious attacks such as spoofing and attempts to generate communication on behalf of a wearable IoT device.
  • testbed for large corporations and start-ups involved in developing or deploying new wearable IoT devices and solutions

Smart Home Security Lab

The CIC Smart Home Security Lab serves as a hub for:  

  • implementing different scenarios regarding the security of smart home IoT devices. Some of the security scenarios include user credentials, personal data, surveillance camera privacy leakage, and location estimation.
  • implementing different smart home risk assessments by utilizing different models and decision awareness that optimizes risk for decision support. These include measuring the possibility of inference through sensor data and giving users a chance to conduct different attacks such as eavesdropping, task, and location inference attacks.
  • simulating different smart home IoT environments for research and awareness training in identifying threats and vulnerabilities. These include identifying the device type, different motion and position sensors, and attack scenarios.

Smart Grid Security Lab

The CIC Smart Grid Security Lab serves as a:

  • hub for implementing different scenarios regarding the security of smart home IoT devices.
  • testbed of industrial IoT with a focus on substations and other energy sectors.

 

List of 'Category of devices'

 The current infrastructure and devices in the CIC IoT Security Lab support various network and data communication protocols including Wi‑Fi, Bluetooth, Z-Wave, Zigbee, and a variety of industrial communication protocols. These include:

  • Core infrastructure: these are hardware and software tools such as firewalls for preventing threats and safely enabling applications and portable power generators to support outdoor experiments. Other core infrastructure items include edge and Internet gateways configured to support the collection and aggregation of data from various devices and sensors as well as to provide compact and secure connectivity for IoT deployments in power-constrained, industrial, or harsh environments.
  • Faraday cage: this is used as a protective shield against electromagnetic radiation coming from the external environment or to prevent electromagnetic energy radiating from the internal components from escaping the cage. The cage is aimed to support research, development, and testing of devices and services that might cause cybersecurity threats or transmit signals that could interfere with broadcast, government, and military networks.
  • Data services and server networks: these are state-of-the-art servers configured to support data ingestion, fusion, storage, analytics, and a variety of services while delivering fast response times. 
  • Laptops and desktop towers: to support student research and other computing needs in the lab.
  • Smartboards: connected to a streaming system for interactive teaching and research.
  • IoT development kits: these include several Raspberry Pi 4, BeagleBone, Arduino, and LED Smart Bulb developments kits.
  • Wearable IoT devices: these include Bluetooth speakers, Apple Watches, Smart Galaxy Watches, Fitness Trackers, Fitbit Ionics, Blood Pressure Monitors, Bluetooth Smart Scales, Item Trackers, CubiTag locators, Galaxy Buds, Oxygen Monitors, Galaxy Phones, iPhones, and VR Headsets.
  • Smart Home IoT devices: these include smart light switches, smoke detectors, speakers, coffee makers, microwaves, door locks, scales, and TVs; indoor face recognition and surveillance cameras and drones; sensors such as leak, motion (accelerometer, gravity, gyroscope), environment (light, temperature, proximity, audio, camera, barometer), and position (GPS and magnetic); and hubs such as Samsung SmartThings to connect a wide range of smart devices and make them work together wirelessly.
  • Industrial IoT devices: these include smart grid equipment such as overcurrent/feeder protection and TestStand Debug Deployment Environment to support the development and testing of secure industrial IoT systems.

 

 

List Brief description of current projects using IoT

CIC IoT Dataset Generation

This project aims to generate a state-of-the-art dataset for profiling, behavioural analysis, and vulnerability testing of different IoT devices with different protocols such as IEEE 802.11, Zigbee-based and Z-Wave protocols. Current experiments and data collection experiments include:

  • Power experiments: around forty devices configured and powered on individually and the network traffic captured in isolation.
  • Idle-time data: a batch file that contains a script is configured to collect each device’s network traffic using dumpcap, with each instance being filtered by their respective MAC addresses. The Idle-time data is captured for 8 hours starting in the late evening and continued till early in the morning.
  • Interaction experiments: captures the network activity and transmitted packets for each functionality on IoT devices.
  • Daily experiments: captures whole network communication of IoT devices throughout the day. This includes passively generated network activity from the devices of lab users as well as data generated when the users actively interact with the devices.
  • Scenario-based experiments: captures simulated network activity of smart home based on five different types of scenario experiments using a microcosm of devices. Additionally, this process provides data on how devices may interact with each other as activities occur simultaneously.

IoT/OT Security Orchestration

This project focuses on using custom STIX data models and TAXII to perform remediation within OT and IoT environments. A data exchange layer named CIC-PolyglOT receives a request for mediation via TAXII containing a STIX object and the object is translated into the required OT/IoT protocol-specific message that is sent to the device.

CIC Utility Testbed

This project focuses on the creation of a substation utility testbed for attack detection and mitigation. Currently, a Siemens S7-1500 Starter Kit has been set up and performs Modbus communication with Raspberry Pi. Also, the process of setting up a soft PLC is ongoing.