As use of IoT devices explodes, detecting vulnerabilities becomes nascent industry

Using a device’s personality profile to detect behavior anomalies, companies can bolster security

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

The num­ber of machine-to-machine con­nect­ed devices—the Inter­net of Things—is grow­ing faster than the world pop­u­la­tion. Cis­co esti­mates that M2M con­nec­tions will grow from 4.9 bil­lion in 2015 to 12.8 bil­lion by 2020 (esti­mat­ed world pop­u­la­tion in 2020: 7.7 bil­lion).

Growth in IoT secu­ri­ty expen­di­tures is as robust. Gart­ner puts end­point IoT secu­ri­ty spend­ing at $1,183 bil­lion in 2015, and esti­mates $3,010 bil­lion in 2020.

Everybody’s real­iz­ing that IoT secu­ri­ty is a seri­ous prob­lem,” says Xu Zou, CEO and co-founder of Sil­i­con Val­ley start­up Zing­Box.

But many ven­dors are try­ing to solve the prob­lem with incre­men­tal changes to exist­ing prod­ucts that are repack­aged for IoT, Zou says.

We found that exist­ing prod­ucts with these incre­men­tal changes can­not effi­cient­ly secure IoT devices,” he says.

Relat­ed video: As Inter­net of Things expands, so do risks

The secu­ri­ty chal­lenge could sti­fle the indus­try. May Wang, Zing­Box co-founder and chief tech­nol­o­gy offi­cer, points to last year’s IoT-enabled DDoS attack as an exam­ple.

I heard many voic­es say­ing that we should slow down or even stop IoT deploy­ment because of that,” she says.

Yet deploy­ment is inevitable and IoT holds much poten­tial for both con­sumers and busi­ness­es.

The right thing to do is not to slow down or stop IoT deploy­ment, but to address secu­ri­ty issues,” Wang says.

ZingBox’s answer is IoT Guardian, a built-from-scratch solu­tion that comes out of Wang’s and Zou’s exten­sive work in net­work­ing and secu­ri­ty.

After a beta launch last sum­mer, the cloud-based soft­ware was pub­licly released in Feb­ru­ary. Now, Zing­Box is flex­ing its mus­cles to become a thought leader in the nascent—and hot—space of IoT secu­ri­ty. The vision, in Wang’s eyes, is to become “the dri­ving force to col­lab­o­rate with all par­ties to move IoT secu­ri­ty for­ward.”

The Zing­Box approach

Through deep, machine-based learn­ing, IoT Guardian detects IoT devices with­in a com­pa­ny. Once dis­cov­ered, they can be pro­tect­ed based on what Zing­Box calls the devices’ per­son­al­i­ty pro­files.

Guardian cre­ates each pro­file based on the type of device (e.g. X-ray machine vs. ther­mo­stat), man­u­fac­tur­er-spe­cif­ic dif­fer­ences and “per instance” (i.e., how the cus­tomer uses it).

We can learn the device’s per­son­al­i­ty no mat­ter how it evolves over time,” Zou says.

With­out touch­ing the device or access­ing sen­si­tive infor­ma­tion, Guardian extracts meta­da­ta like MAC address­es, IP sta­tis­tics and traf­fic pack­ets. Based on meta­da­ta and device per­son­al­i­ty, it detects unchar­ac­ter­is­tic behav­iors in real time.

Cus­tomers can choose to have Zing­Box auto­mat­i­cal­ly block sus­pi­cious tasks or to ana­lyze the infor­ma­tion and act on it in-house.

Smart­phones are mul­ti­func­tion­al devices. In con­trast, each IoT device is designed for spe­cif­ic tasks, so it has a lim­it­ed set of behav­iors and flow pat­terns, Zou says. This com­mon­al­i­ty inspired the idea of device per­son­al­i­ties.

Launched through the Stan­ford-StartX Fund, Zing­Box took a year and a half to build a team—coming from places like Cis­co, Palo Alto Net­works, Fire­Eye, Google and Yahoo—and devel­op a beta prod­uct.

Court­ing com­pe­ti­tion

May Wang, Zing­Box co-founder and CTO

Wang says launch­ing the start­up was an easy deci­sion. She says, “I asked myself: How many times could it hap­pen in a person’s life, that this big wave is com­ing and it falls right inside the domain of my exper­tise?”

Cis­co, Syman­tec and Rapid7 are among the estab­lished lead­ers mov­ing into this ver­ti­cal. Zou expects to see more ven­dors com­ing up with solu­tions, and feels that com­pe­ti­tion is good news, both for the indus­try and cus­tomers.

IoT secu­ri­ty needs more atten­tion and bet­ter solu­tions, for sure,” he says.

This stage of IoT secu­ri­ty is sim­i­lar to PC devel­op­ment in the 1980s, Wang says, adding that she hopes this nascent indus­try doesn’t pay the same price before estab­lish­ing secu­ri­ty pro­tec­tions.

Lots of inno­va­tion is need­ed in this field because of the new chal­lenges of IoT,” she says. “Not only in tech­no­log­i­cal areas but also in terms of orga­ni­za­tion, pol­i­cy and legal.”

More sto­ries relat­ed to Inter­net of Things secu­ri­ty:
Secu­ri­ty of the Inter­net of Things takes on new urgency
Data secu­ri­ty even more crit­i­cal as Inter­net of Things mul­ti­plies, morphs
Why more attacks lever­ag­ing the Inter­net of Things are inevitable
Retail­ers expect­ed to spend bil­lions on Inter­net of Things

 


Posted in Featured Story, Internet of Things