Tokyo Institute of Technology: Security main focus at second Fall 2021 IoT seminar
Tokyo Tech’s Collaboration Center for Design and Manufacturing (CODAMA) and the Student Support Center held the second Fall 2021 introductory IoT seminar on December 15 and 22 at Hisao & Hiroko Taki Plaza (Taki Plaza) on Ookayama Campus. The focus of this two-day event — the second of three seminars in fall 2021 — was IoT security.
IoT refers to the connection of items other than computers, such as household appliances, to the internet for more convenient use. IoT-focused seminars, which aim to teach students the basics of IoT, programming, artificial intelligence, and online security in a practical way, have been offered by Tokyo Tech graduates since 2018. Supporting the hybrid December sessions were employees of Soliton Systems K.K., a Tokyo-based IT security company which employees a number of Tokyo Tech alumni. They offered guidance to 10 in-person participants and eight online participants, all of whom were equipped with a Raspberry Pi device that allowed them to create an IoT temperature sensor and conduct cyberattacks on servers to learn more about cybersecurity. Attendees also included two international students from the Institute.
After an opening greeting on Day One from CODAMA Deputy Director Takushi Saito, the participants were taken under the wing of lecturer Kazuki Takezawa from Soliton Systems. With easy-to-understand explanations, Takezawa introduced Raspberry Pi and the operating system Linux, and guided the students from the initial login to the creation of a temperature gauge.
Students connected the temperature sensor to the Raspberry Pi device, inputted their code, and ran it to see if they could measure current temperature and humidity. By sending temperature measurements to the server, the Raspberry Pi device became an IoT temperature sensor, and students created a webpage that displayed the measured data.
Throughout the session, Soliton Systems staff members attentively responded to questions from participants, assisted with equipment troubleshooting, and guided those who were unsure of how to execute their programs, putting everyone at ease.
On Day Two, participants used Raspberry Pi as a security diagnostic tool to experience undermining web authentication using a list of commonly used passwords, analyzing Wi-Fi passwords, breaking into web servers, and tampering with contents.
Using the Hydra tool, students learned about the dangers of using simple passwords by conducting a dictionary attack on a password authentication system. They also monitored Wi-Fi communication with Raspberry Pi and analyzed Wi-Fi passwords by exploiting Wi-Fi Protected Access (WPA) vulnerabilities.
Finally, the students experienced how to exploit vulnerabilities in a web server, break into the server, and rewrite the published contents. Once again, the lecturer carefully explained the software used for the password analysis and gradually introduced the participants to new security terminology, ensuring that the session was tailored to the participants’ levels of understanding and progress.
Day Two ended with some closing words of encouragement from CODAMA Director Takaaki Manaka.