“Embedded systems” used to imply highly specialized hardware, custom operating systems, and a close-to-assembler programming style to wring out as much performance as possible out of platforms that had no spare computing power. Thus embedded systems were generally trusted to harbor no malicious surprises as long as they performed their intended tasks. However, the embedded world has changed, and none of these assumptions holds true anymore.
These days, expect your embedded system such as a printer or a set-top box to be based on a commodity OS with a stock kernel, which supports all kinds of unexpected functionality such as packet routing, sniffing, and forging. The proverbial “networked toasters” could just as easily turn into man-in-the-middle bots and covert gateways into your networks, while never failing in their direct duties, and with all of their warranty seals intact.
He will talk about subverting commodity stock-kernel embedded systems, and ways to prevent it.
Sergey Bratus is a Research Assistant Professor the Computer Science Dept. at Dartmouth College. His research interests include designing new operating system and hardware-based features to support more expressive and developer-friendly debugging, secure programming and reverse engineering; Linux kernel security (kernel exploits, LKM rootkits, and hardening patches); data organization and other AI techniques for better log and traffic analysis; and all kinds of wired and wireless network hacking.
Before coming to Dartmouth, he worked on statistical learning methods for natural text processing and information extraction at BBN Technologies. He has a Ph.D. in Mathematics from Northeastern University.