This event has ended. Visit the official site or create your own event on Sched.
Back To Schedule
Friday, October 23 • 11:00am - 12:00pm
MQTT and CoAP: A Story about IoT Protocol Security

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

As we started to connect more devices and use Machine-to-Machine (M2M) communications in the IoT world, protocols better suited than HTTP were needed to make it possible. These protocols were designed for constrained devices with less processing power, less power consumption, and frequent communications. Like many protocols that have come before them, there is always a little bit of security gray area and the potential to introduce interesting security flaws into concrete implementations. Implementing these protocols across many different programming languages, frameworks, and device platforms adds to the complexity of developing secure real-world systems.

In this presentation we will explore two of the most commonly used IoT protocols, MQTT and CoAP. We will explore how they work, protocols they’re designed to work with, and common architectures. Attacks against the protocols and specific implementations will be demonstrated that can be used to impersonate other devices, knock systems offline, and potentially execute remote code. We will demonstrate how to mitigate these issues within your own code as well as library and framework issues to watch out for.

avatar for Jack Mannino

Jack Mannino

CEO, nVisium
Jack Mannino is the CEO of nVisium. Passionate about security and impossible to keep away from a keyboard, his expertise spans over 15 years of building, breaking, and securing software. Jack founded nVisium in 2009, and since then has helped the world's largest software teams enhance... Read More →

Friday October 23, 2015 11:00am - 12:00pm CDT
Under Armour Room Norris Conference Center, Austin
  Mobile and IoT Track

Attendees (0)