Minimizing IoT DDoS attacks: Rambus Showcases IoT Security Demo with Qualcomm Technologies at CES 2017
This entry was posted on Monday, January 9th, 2017.
Last week, Rambus showcased its IoT security service and technology in the Qualcomm Technologies booth (#10948) exclusively at CES® 2017 in Las Vegas. The service and technology offerings by Rambus are designed to take advantage of security-focused features in Qualcomm Technologies’ chipsets to facilitate protected IoT communication and lifecycle management.
Image Credit: CES
This demonstration showcased Rambus and Qualcomm Technologies’ efforts on a unique use case highlighting a smart city application. The demo featured both companies’ technologies, illustrating how their combined solutions can provide a more robust and secure IoT end point compared to similar offerings without such solutions. The Qualcomm® SnapdragonTM 820 processor and the QCA4010 Wi-Fi chip were connected to an IoT cloud service using a protected link while Rambus’ CryptoManager security platform was utilized to illustrate how IoT devices can be safeguarded to significantly reduce service vulnerability to Distributed Denial of Service (DDoS) attacks.
With Qualcomm Technologies’ historic success in embedded hardware processors and Rambus’ success in security-oriented technology, the demo further showcased the combined elements help develop next-generation IoT security features for smart city applications. The CES demo highlighted Rambus’ superior security-focused features which include mutual authentication and encrypted communication embedded into select processors from Qualcomm Technologies. These unique features protect IoT devices from being used by hackers in malicious botnets and prevents the IoT cloud service from being attacked by cloned devices.
As more and more “things” connect to the Internet, the danger of nefarious attackers exploiting unsecured devices looms ever larger. Indeed, DDoS flooding attacks – which seek to disrupt legitimate access to online services – have been deemed “one of the biggest concerns” for cyber security professionals.
Protecting Internet infrastructure companies and services from DDoS attacks can be quite challenging, as it is often difficult to shield the IP layer from a concerted cyber offensive. However, it is important to note that the impact of DDoS attacks can be significantly mitigated by safeguarding vulnerable IoT endpoints. Put simply, protected IoT endpoints act as a critical bulwark against nefarious botnets that exploit and recruit hundreds of thousands of defenseless “zombie” devices.
For instance, an attacker cannot add a device to a botnet without establishing an unauthorized communication channel. Allowing only legitimate, verified cloud services to communicate with IoT devices will help prevent the creation of such rogue channels. This paradigm, facilitated by a hardware root-of-trust, ensures that each IoT device is uniquely and cryptographically verified to determine if it is authorized to connect to a specific service. Infected and hijacked devices that are not authenticated are denied access to the service – reducing the overall effectiveness (and damage) of a DDoS attack on a provider and other services.
It should be noted that an embedded hardware root-of-trust can also be used to help minimize vulnerabilities discovered in IoT products after deployment by providing a secure device management framework to push over-the-air (OTA) patches and firmware updates.
Qualcomm and Snapdragon are trademarks of Qualcomm Incorporated, registered in the United States and other countries.
Qualcomm Snapdragon and QCA4010 are products of Qualcomm Technologies, Inc.