Practical IoT Hacking - Since 2024

Dissecting and analyzing an IoT device is a non-trivial task, particularly for beginners. However, this process plays an essential role in security research. In this course, I teach students the fundamentals of analyzing IoT devices through biweekly lectures and practical homework assignments. For these assignments, students will receive an IoT development board to practice on.

Specifically, I am covering the following topics:

• Hardware Analysis: Opening up an IoT device, understanding the hardware components on a PCB.
• Firmware Analysis: Introduction into static and dynamic firmware analysis methods. For instance, how to properly load a firmware image into Ghidra.
• Wireless Communication: How to reverse engineer the communication logic of a device.
• Firmware Updates: What are the steps of updating the firmware on an IoT device and what can go wrong?
• Secure Boot and Physical Attacks with Real-World Examples: Giving insights on how researchs have broken secure boot and explaining it step-by-step.

I am teaching this course every summer semester since 2024.