Four undergraduate students in the Departments of Electrical and Computer Engineering and Computer Science and Engineering at Texas A&M University placed third in the national Embedded Security Challenge, which was part of the International Cyber Security Awareness Worldwide (CSAW) competition.
For the challenge, several teams were tasked with showing device vulnerabilities. This year's competition centered on the security implications of the wide deployment of “internet of things” devices, which is the network of physical devices, vehicles, home appliances and other “smart” items, and how to prevent future attacks.
The Aggie team’s project demonstrated an attack on a Bluetooth bulb. They showed that they were able to hack it and modify the light color, turn it on and off, and transmit data, which exposed just how vulnerable this type of embedded system is to hackers.
In such a short period of time the team has set itself apart from others in the nation.
The Texas A&M team, comprised of students Ryan Vrecenar, Joshua Zschiesche, Michael Hall and Mahesh Naidu, were advised by electrical and computer engineering professor of practice, Dr. Stavros Kalafatis and assistant professor Dr. Jeyavijayan Rajendran. Eight other finalists competed in the challenge. The competition, held Nov. 8-11 at the New York University Tandon School of Engineering, included teams from around the world.
“This competition was a unique opportunity to learn and develop embedded hardware security,” Vrecenar said. “Seeing firsthand the security of an IoT (internet of things) device, its APIs, as well as a whole new scope of 'what happens after an exploit' to wrap [the] mind around how an adversary could use side channels available to them was an experience we hadn't gotten at this depth in all of my schooling. By thinking on the data exfiltration problem domain, we were able to shape defense techniques and explore complexity and covert trade-offs of possible attacks and think how an attacker or defender to a resource could think.”
This was the second time the Texas A&M team participated in this competition, placing fourth last year and now moving up the ranks.
“Our students have shown a natural inclination toward the skills necessary to excel in cybersecurity,” Rajendran said. “The seniors made great improvements since last year and invested in the future by mentoring their younger peers ahead of and during the competition.”
“In such a short period of time the team has set itself apart from others in the nation,” Kalafatis said.
The Embedded Security Challenge is the oldest hardware security competition in the world and is aimed at hacking into the hardware of embedded systems.