Ryan Speers

Ryan-Speers

Talk Title:

Hacking Automatically: Applying Program Analysis to IoT

Abstract:

We cover program analysis for vulnerability discovery, demonstrating how to find new and previously known bugs across 20 IoT devices, and how tooling augments a researcher. Attendees will receive an understanding of challenges in analyzing firmware and of bug class patterns for memory corruption. We will share 20 examples of where this approach was able to quickly identify security vulnerabilities across different bug classes.

Bio:

Ryan has assessed a wide range of embedded devices, finding vulnerabilities via physical attacks, network access, firmware reversing, and other techniques. He has led design of remediations or new systems, frequently focusing on their cryptographic protocols and protections. Ryan is also known for his research on the security of radio protocols, including IEEE 802.15.4/ZigBee and maintenance of the KillerBee framework frequently used to assess these protocols. Additionally, Ryan has a passion for producing tools that help security analysts, reverse engineers, and others to leverage automation and program analysis techniques to better find vulnerabilities.

Copyright © 2019-20 | Nullcon India | International Security Conference | All Rights Reserved