This website lists information for the 2017/2018 course Security Services of the IoT (SSI) at the University of Twente. # Overview  |  ----|----- Course code|201700083 Coordinator | Cristian Hesselman (SIDN Labs) (cristian.hesselman@sidn.nl) Credits | 5EC (140 hours) Lecturers| - dr. Cristian Hesselman (SIDN Labs)
- dr. Jair Santanna (University of Twente)
- dr. Elmer Lastdrager (SIDN Labs)
- prof. dr. Aiko Pras (University of Twente)
Room|Hal B room 2B Mailing list|ssi@mailman.sidn.nl Quartile | Q4: 23 April to 6 July 2018 # Assessment SSI uses a total of 18 papers and (draft) IETF [RFCs](https://en.wikipedia.org/wiki/Request_for_Comments) in combination with a lab assignment to assess to what extend participants attained the course's learning outcomes (see Background section). Your individual assessment will be based on your deliverables for SSI, which are: - A presentation based on an in-depth study of one of the papers/RFCs - Review 9 other papers/RFCs with optional short summaries - A four-page report on your lab assignment - An oral exam about all 10 papers and the lab assignment To pass SSI, your score will need to be 5.5 or higher, which we calculate as follows: (score presentation) $\times$ 30% + (score lab assignment) $\times$ 40% + (score oral exam) $\times$ 30% Where each of the scores is between 1 (worst) and 10 (best). ## Presentation SSI involves 6 interactive technical lectures (see Schedule section), in one of which you'll need to present a paper or an IETF (draft) RFC (see Papers and RFCs section) on IoT security, with a particular focus on home networks. You'll need to study the paper/RFC in depth and present it in 30 minutes, including 10 minutes of questions and discussion. Please use slides to explain what the paper is about and include your observations and critique. RFCs are typically longer than papers, but also contain a lot of detail you can skip, while the information density in papers is typically much higher than in RFCs. Both your fellow students and your lecturer will score your presentation (50-50), for instance based on clarity and mastery of the document's technical content. We'll hand out evaluation forms at the beginning of each lecture and you must return them before leaving the room. ## Review Papers You will need to review 10 papers/RFCs that we'll discuss in the interactive lectures (lecture 2 through 7) and that you'd like to focus on. One paper/RFC you will present yourself (see Presentation section). The other 9 papers you will review and discuss in-class. If you want, you may hand in a short summary of these 9 papers, which you can use during the oral exam (see Examination section). The short summaries merely act as a study aid and we won't evaluate them directly (but indirectly as part of the oral exam). If you want to submit short summaries, please use at most 200 words per paper/RFC (or 1 A4 with diagrams) and submit them to cristian.hesselman@sidn.nl by Tuesday 19:00 CEST before the lecture in which the paper will be discussed. Please prefix the subject line with "[ssi]" (without the quotes). ## Lab Assignment The goal of the lab assignment is for you to gain hands-on experience with measuring and analyzing the network behavior of IoT devices and capturing this behavior in a device profile. In SSI, we'll be using the emerging Manufacturer Usage Description (MUD) [#19] [#20] for this purpose. We will provide you with a GLiNet mini-router to carry out traffic measurements, which is yours to keep. The mini-routers run OpenWRT and [SIDN Labs' software module for IoT security in homenets](https://spin.sidnlabs.nl/en/). We'll be handing out the mini-routers at the first lecture, which is also when you can register for the lab assignment (in teams of two). Your output for the lab assignment consists of: 1. A four-page report in the [standard two-column IEEE format](https://www.ieee.org/conferences/publishing/templates.html) that discusses the results of your measurements and your proposal on how to use or extend the MUD specification to describe the behavior you measured (an actual MUD spec). You may use text, graphs, tables, or a combination thereof. 2. A capture of the IoT device's network traffic (e.g., using TCPdump), which you will need to send to cristian.hesselman@sidn.nl using a service like https://filesender.surfnet.nl/. You will need to carry out the lab assignment in teams of two. The deadline for submitting the report is Wednesday June 20, 2018, 23:59 CET. We'll be evaluating your report on parameters such as clarity and soundness of the methodology you used. Elmer Lastdrager from SIDN Labs will be on site after lectures 3 and 4 (see Schedule section) to answer any practical questions you may have on the lab assignment. If we consider your work a suitable short-term input for the draft MUD specification [#19], then we'll be in touch to discuss how to proceed. Team | Members -----|-------- 1 | Calvin & Kasper 2 | Rick & Etienne 3 | Stiliyan & Nazish 4 | Ivan & Metin 5 | Leonidas & Filip 6 | Liza & Kimberly 7 | Melcher & Michael 8 | Christiaan & Gijs 9 | Rien & Andrea [Table [labs]: Lab teams.] ## Examination The exam consists of a 20 minute interview with one of the SSI lecturers. We'll evaluate to what extend you attained SSI's learning goals (see Background section) based on the paper you presented, the other 9 papers you reviewed, and the MUD papers ([#19] and [#20]). We'll be asking in-depth questions about the paper/RFC you presented and more high-level ones about the other 9 papers/RFCs (and the two MUD-papers) you reviewed on and for which you may provide a short summary (see the Review Papers section). # Schedule Table [schedule] shows SSI's schedule, which consists of a total of 9 lectures: an introduction, 6 interactive technical sessions with presentations on papers and RFCs, and two examination sessions (you'll be in one of them). We also provide two Q&A slots to help you with the SSI lab assignment. You must attend all lectures because of their interactive nature and because you'll need to provide feedback on the presentations of your fellow students (see the Presentation section). Lecture | Date | Contents | Presentation #1 | Presentation #2 | Presentation #3 -------|-------------|--------|------------|----------------|------|------ 1 | April 25 | **Course introduction**
Lecturer: Cristian Hesselman (SIDN Labs)
- SSI assessment, schedule, and background
- Admin matters, such as signing up for the lab assignment
[Lecture slides (pdf)](./slides/lecture1-intro.pdf)

**Guest lecture**: IoT and DDoS attacks
Lecturer: dr. Jair Santanna (University of Twente)
[Lecture slides (pdf)](./slides/lecture1-ddos-iot.pdf) - | May 2 | **No Lecture** 2 | May 9 | **Interactive lecture**: IoT concepts and applications
Papers/RFCs: [#1] [#2] [#3]
Lecturer: Cristian Hesselman
[Intro slides](./slides/lecture2-intro.pdf) | Rien [#1]
[Slides](./slides/lecture2a-rien.pdf) | Leon [#2]
[Slides](./slides/lecture2b-leon.pdf) | Calvin [#3]
[Slides](./slides/lecture2c-calvin.pdf) 3 | May 16 | **Interactive lecture**: IoT-powered attacks Papers/RFCs: [#4] [#5] [#6]
Q&A lab assignment (12.45-13:30)
Lecturer: Cristian Hesselman
[Intro slides](./slides/lecture3-intro.pdf) | Christiaan [#4]
[Slides](./slides/lecture3a-christiaan.pdf) | Rick [#5]
[Slides](./slides/lecture3b-rick.pdf) | Michael [#6]
[Slides](./slides/lecture3c-michael.pdf) 4 | May 23 | **Interactive lecture**: IoT security measurements Papers/RFCs: [#7] [#8] [#9]
Q&A lab assignment (12.45-13:30)
Lecturer: Elmer Lastdrager | Kimberly [#7]
[Slides](./slides/lecture4a-kimberly.pdf) | Gijs [#8]
[Slides](./slides/lecture4b-gijs.pdf) | Etienne [#9]
[Slides](./slides/lecture4c-etienne.pdf) 5 | May 30 | **Interactive lecture**: security systems for homenets Papers/RFCs: [#10] [#11] [#12]
Lecturer: Cristian Hesselman | Metin [#10]
[Slides](./slides/lecture5a-metin.pdf) | Kasper [#11]
[Slides](./slides/lecture5b-kasper.pdf) | Filip [#12]
[Slides](./slides/lecture5c-filip.pdf) 6 | Jun 6 | **Interactive lecture**: IoT protocol standards Papers/RFCs: [#13] [#14] [#15]
Lecturer: Cristian Hesselman | Nazish [#13]
[Slides](./slides/lecture6a-nazish.pdf) | Stiliyan [#14]
[Slides](./slides/lecture6b-stiliyan.pdf) | Melcher [#15]
[Slides](./slides/lecture6c-melcher.pdf) 7 | Jun 13 | **Interactive lecture**: IoT intrusion detection and sharing Papers/RFCs: [#16] [#17] [#18]
Lecturer: Cristian Hesselman | Andrea [#16]
[Slides](./slides/lecture7a-andrea.pdf) | Ivan [#17]
[Slides](./slides/lecture7b-ivan.pdf) | Liza [#18]
[Slides](./slides/lecture7c-liza.pdf) 8 | Jun 20 | Oral exam, first 9 candidates (in **HB 2B**)
Students: Filip, Ivan, Nazish, Stiliyan, Leon, Calvin, Kimberly, Rien, Andrea
Examiners: Cristian & Elmer - | June 27 | **No Lecture** Extra | June 28 | **Extra lecture about DNS**
13:45 - 15:30 @ CR 2G
Lecturer: Marco Davids (SIDN)
[Slides](./slides/lecture-extra.pdf) 9 | Jul 4 | Oral exam, remaining 9 candidates (in **HB 2B**)
Students: Metin, Christiaan, Rick, Michael, Gijs, Etienne, Kasper, Melcher, Liza