Mr. Wang Kang
Short Biography
Wang Kang is a Staff Security Engineer at Alibaba Group, focusing on security issues of IoT, cyber-physical system, V2X, and trusted computing. He is a contributor of Linux Kernel, (TDD-LTE USB Dongle support) as well as a founder of the Tsinghua University Network Administrators. He was a speaker at Black Hat Europe 2015, Black Hat USA 2017/2018, Virus Bulletin 2018, HITB Dubai 2018, and Black Hat Asia 2019.
Talk Title: IoT PUF or: How I Learned to Stop Worrying and Love Security Research
IoT devices are ubiquitous, fragmented, constrained, and probably critical. Clonality just brings another problem to the table. We’ll discuss what PUF technology could help and the challenges when deploying such a new hardware-based defense mechanism, especially inside a software-based company.
In addition, some ethical thoughts, economic motivations, and methodologies as an industrial security researcher will be briefly introduced to provide ideas to the audiences. We’ll take the effort to detect click farms from MEMS sensors as an example, while pure statistics seems to be a much better way. Yet it’s still believed that economic motivation, or ‘follow the money’, is the ultimate methodology to address these problems. The frequency hopping pattern of the early version of a remote control signal (Futaba 14SG) of commercial drones will be introduced to support the opinions.
In my opinion, finding low-cost replacements for professional instruments and seeking a productive life are always the most lovable parts of being an ethical hacker. We’ll discuss it briefly in the end.