Professional Documents
Culture Documents
Embedded Systems:
Current Trends
)NCLUDEDåINåTHISå7HITEå0APER -OCANAå#ORPORATION
350 Sansome Street
Introduction
Suite 1010
San Francisco, CA 94104
A Brief History of Hacking
415-617-0055 Phone
Hacking’s Dangerous Third Wave 866-213-1273 Toll Free
Conclusion info@mocana.com
www.mocana.com
References and Further Reading
Copyright © 2009
Mocana Corp.
Perhaps most ominous of the new hacking trends is the upsurge in cyberattacks 2009 (http://www.computerweekly.com/
blogs/david_lacey/2009/03/apocalypse_
against our utility infrastructure. If hackers continue to attack the so-called “smart soon.html)
grid,” which connects sensors and control systems with sophisticated computers
and networks, they could bring our nation’s commerce to a standstill, endanger
lives, and put our national security at risk.
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
In this dangerous new interconnected world, we need to take a serious look
at what types of hacking strategies are being employed today, and implement
security solutions that are designed specifically for mobile and embedded
devices. This paper attempts to highlight some of the latest attacks against
embedded systems, including mobile phones, medical devices, and the nation’s
electric infrastructure.
Phone Hacking group U.S. GAO reports that in 1995, Increase in attacks
Phreaking “414s” break into hackers tried to break into on mobile devices, em-
Los Alamos Nat’l Defense Dept. files 250,000 times; bedded systems, the
Lab. computers ~65% of tries were successful “internet of things”
Some of the early hackers of the 1970s focused on the telephone system.
Calling themselves [phone] “phreaks,” or “phreakers,” they helped themselves to
free long distance by simulating the sounds of phone signals. In the 1980s, when
personal computers became widely available, phone phreaks and other hackers
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
began using modems to connect to Bulletin Board Systems (BBSes), where they
exchanged messages about how to break into computers, steal passwords, and
wreak other kinds of electronic havoc. By 1986, hackers had threatened enough
government and corporate computer systems to prompt the U.S. Government
to make hacking a crime. In 1988, foreshadowing the types of attacks that lay
ahead, ArpaNET, the U.S. government’s precursor to the internet, was brought
to a standstill by a hacker’s experimental, self-replicating “worm” program that
spread to 6000 of the network’s computers.
Around the dawn of the commercial internet in the 1990s, a second wave of
hacking, which took on a more overtly criminal sensibility, began to emerge. One
of the most famous of these second-wave attacks was traced to the notorious
serial hacker, Kevin Mitnick, who was eventually arrested for stealing 20,000
credit card numbers.
&IGUREååå+EVINå-ITNICKåAFTERå
Also in the 1990s, a group of hackers broke into Citibank’s computers and HISåRELEASEåFROMå,OMPOC
siphoned off $10 million to their overseas bank accounts [H5].
Since the early 1990s, hackers have developed a rapidly mutating and
increasingly clever repertoire of attack strategies: embedding rogue programs
in legitimate applications, installing keystroke recorders on unwitting users’
computers, spoofing legitimate websites to “phish” for personal data, hijacking
database information through SQL injection attacks, and even enlisting massive
armies of zombie computers (“botnets”) to spew out phishing emails and spam.
Today, all classes of cybercrooks, from small-time con artists out to make a quick
buck to international crime syndicates, are logging into the global cybercrime
marketplace to buy and sell malware kits, stolen credit card numbers, “how-to-
hack” manuals, and criminalized software development services, in a shadow
economy worth over $750 million in 2007 [H2].
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
against the utility and industrial infrastructure (the “smart grid”)—a danger we
can no longer dismiss as a spy movie scenario.
COMMUTE COMMUTE
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
Trend #1: Growing Attacks on Soft
Infrastructure Targets
Since security for personal computers is getting stronger, hackers are
increasingly looking for “softer” targets. In their sights are the millions of
industrial control and coordination, or SCADA devices, which can be programmed
like computers and have finally become numerous and networked enough to
make it profitable for hackers to attack them. By targeting a city’s infrastructure,
hackers can gain political notoriety, intimidate the public, and extort large
amounts of money from businesses or governments. At a conference in
January 2008, a senior CIA analyst shocked his audience by revealing that
cyberextortionists in another country had “caused a power outage affecting
multiple cities” [S1].
SCADA devices are key players in the “Smart Grid,” the network of sensors and
computerized systems that make up the utility infrastructure of our society. They
monitor and control power generators, refineries, water treatment facilities,
oil pipelines, and electrical power systems. They also comprise an essential
component of our industrial, technology, and communications infrastructure,
controlling building security, manufacturing plants, airport traffic, and military
vessels. As more and more SCADA devices come online, the more our nation’s
health, economy, and security become vulnerable to hacking attacks [S10].
PIPELINE COMPANY
Pipeline
Assets
FIREWALL
FIREWALL
FIREWALL
FIREWALL
PIPES
Control
FIELD
SENSORS
Security Security
Zone Business Zone Control STORAGE
Network Center Pipeline
TANKS
Internet
REFINING COMPANY
Refinery
Control Assets
FIREWALL
FIREWALL
FIREWALL
FIREWALL
COKING
UNIT
CRACKING
Security Security UNIT
&IGUREååå4YPICALå3#!$!å
Zone Business Zone Control STORAGE
Refinery
Network Center TANKS SYSTEM
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
Existing SCADA devices are often decades old and operate with legacy computer
hardware. They tend to be configured with off-the-shelf networking software and
have weak internal security protections. Although guarded by a hard shell on the
outside, with locks, gates, security personnel, industrial facilities may still contain
a soft center—their computerized control systems—an easily penetrable core
which now is exposed to the outside world through the internet.
Corporation Workplace
Planning/ Corporate
Scheduling Network
Operator Operator
Workstation Workstation
Supervisory Control
Control Network
In the past, the majority of SCADA attacks were perpetrated by insiders who
had access to the controls: disgruntled ex-employees or saboteurs. Now,
experts are seeing more and more attacks originating from external sources,
even from residents of foreign countries. In 2004, a British Columbia Institute
of Technology (BCIT) analysis of 24 control system security incidents instigated
by outsiders showed that 36 percent came in through the Internet. Eric Byres,
a BCIT research faculty member, noted that “an awful lot are coming in through
other ways, including dial-up modems, VPN (virtual private network) connections,
remote wireless systems and trusted third party connections” [S2]. One recent
report notes the potential involvement of smart phones in SCADA attacks,
especially as “ubiquitous computing” becomes the norm. An outsider with a
cell phone could manage to access SCADA devices via the phone’s internet
connection [S6].
One of the problems with assessing the prevalence of SCADA attacks is that
they are rarely reported in any detail, for fear of encouraging further attacks and
compromising national security. Companies and governments understandably do
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
not want any information about SCADA breaches to fall into the wrong hands, so … A careful
they fail to share information freely. According to Alan Paller, Director of Research
statistical
for the SANS Institute, “… A careful statistical analysis of validated control
system incidents at 22 major corporations indicates that … the incidents are
analysis of
far more widespread than commonly believed, the targets more wide ranging validated control
and the attackers are not who we think they are. Even more ominous, the data system incidents
shows that getting into most control systems is surprisingly easy” [S11]. For at 22 major
example, in March of 2008, a nuclear power plant was accidentally shut down
corporations
because a computer used to monitor chemical and diagnostic data rebooted after
a software update. In another incident in 2008, a teenager in Poland rigged a TV
indicates that
remote control to control the switch tracks of trams. There were four derailments … the incidents
and twelve resultant injuries [S4]. are far more
Most frighteningly, attacks against SCADA devices are being carried out by
widespread
enemy nations as part of a greater “cyberwarfare” strategy to sabotage the than commonly
U.S. economy and infrastructure. In the U.K., government agencies report that believed, the
attacks against infrastructure targets have increased dramatically. In June 2008, targets more
the UK’s National Infrastructure Security Co-Ordination Centre issued a public
wide ranging
advisory about a series of targeted attacks against the UK central government
and commercial organizations “for the purpose of gathering and transmitting
and the attackers
otherwise privileged information”[H8]. are not who we
think they are.
Alan Paller, Director of Research for the
Trend #2: Long-Predicted Threats SANS Institute
The latest mobile phones are also the most vulnerable to attack. Smartphones,
such as the Apple iPhone and the Google Android phone, now come with
“real” browsers with JavaScript engines, exposing them to traditional browser
attacks, such as Cross-Site Scripting (XSS), Clickjacking, phishing, and other
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
malicious techniques. These phones are also vulnerable to “man-in-the-middle”
attacks, in which a hacker could come between the phone and a web server and
offer malware in the guise of a legitimate update to one of the user’s trusted
applications. Other vectors for smartphone attacks include email, attachments,
web pages, MMS, Facebook, WiFi, and Bluetooth [M3].
As the iPhone and other smart phones continue to gain market share at a rapid
rate, hackers will increasingly focus their efforts on mobile devices. However,
it is doubtful that this new wave of hacking will go through an extended phase
of nuisance hacking as was the case with PCs, instead skipping straight to
for-profit hacking. Although the first iPhone or Android malware writers might
be motivated by street cred like earlier hackers, professional criminals are sure
to follow quickly. According to researchers, the newest of the 420 smartphone
viruses identified since 2004 have reached a state of sophistication that took
computer viruses about two decades to achieve [M6]. Figure 6, from McAfee
[M2], illustrates how mobile security threats have been increasing since the
introduction of popular smartphones.
60%
50%
40%
30%
20%
10%
2008
2007
2006
2008
2007
2006
2008
2007
2006
2008
2007
2006
2008
2007
2006
2008
2007
2006
2008
2007
2006
2008
2007
2006
0%
spam attacks
Phishing attacks
service attacks
Virus/spyware
Voice or text
Third party
in any form
Privacy and
Network or service
capacity issues
infections
application/content
problems
from devices
regulatory issues
Denial of
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
Several features of smartphones make them particularly tempting targets. For
one, mobile users tend to be less guarded than computer users about clicking on
links, enabling SMS phishers (“SMishers”) to gain information or send malware
via a link in a legitimate-looking text message. In addition, mobile phones are a
treasure trove of personal information, such as phone numbers and addresses,
which criminals can extract and sell in the ID fraud marketplace. And, to make
things even easier for cybercrooks, location-enabled smartphones let spammers
personalize malware for each user by mentioning their locale; for example,
by prompting them to click on information about a disaster that supposedly
occurred in their area [M5].
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
Trend #3: The Rush to Network Medical
Devices Outpaces Security
One truly scary attack trend is the growing offensive against medical devices.
A large number of medical devices, such as heart pacemakers, implantable
cardioverter-defibrillators (ICDs), bedside monitors, MRI machines, and portable
drug-delivery pumps, have a CPU and an IP address that enable them to transmit
and receive information, but also expose them to attacks.
Mocana’s CEO, Adrian Turner, says, “The same types of attacks that have
traditionally targeted sectors such as consumer electronics are being directed at
medical devices, with potentially fatal consequences. Attacks we’re beginning to
see directed at medical devices include:
Data destruction.
In a paper published last year by the Medical Device Security center about
pacemakers and ICDs, researchers described how they were able to hack into an
ICD and intercept private data transmissions [D3]. They revealed that ICDs could
be hacked to alter patient data or reset how shocks are administered. Tadayoshi
Kohno, a lead researcher on the project at the University of Washington, who has
studied vulnerability to hacking of networked computers and voting machines,
says that “the risks to patients now are very low, but I worry that they could
increase in the future” [D1].
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
Trend #4: Ubiquity of Easily-Hacked RFID
Technology Threatening Privacy, Driving the
Growth of Sophisticated Identity Thefts
One of the most common attacks on wireless networks is “war driving,” in which
hackers drive around a neighborhood, hunting for unsecured wireless nodes.
In the latest twist on war driving, a security expert cruised around Fisherman’s
Wharf, armed with a cheap RFID scanner and a low-profile antenna, and
managed to clone half a dozen electronic, wallet-sized passports in an hour.
This “war cloning” experiment was so successful, says the researcher, because
the type of RFID in the Homeland Security’s version of a passport emits a real
radio signal, which could conceivably be tracked from a couple of miles away.
Although no criminal hacks of passports or e-licenses have been detected to
date, this insecure technology poses a strong risk for identity theft and invasion
of privacy [R1].
In another RFID hack, anyone with $8 worth of equipment bought on EBay can
sniff the credit card number, cardholder name, and other personal information off
an RFID-equipped, “smart” credit card—without physically coming into contact
with the card. The problem with these “contactless credit cards,” says inventor
Pablos Herman, is that the data is decrypted at the point of sale by a machine
rather than at the card company’s secure data center [R3].
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
Conclusion
Clearly, we’ve come a long way from the days of phone phreaks and Kevin
Mitnick. The latest attack trends threaten not only our privacy, our data, and
our money, but our national security and even our lives. When the possibility
of hackers controlling people’s pacemakers is a topic of serious research, we
know we’re in a new world, one that holds the great promise of connectivity and
ubiquitous computing, but also the potential for criminality and disruption on a
grand scale.
To defend against the new wave of attacks, we need a strategy that is equal
to the adversary—multilayered, complex, and well-organized—and is focused
on the mobile and embedded devices that make up the “internet of things.”
The alternative to protecting these devices (mobile botnets and compromised
water systems; out-of-sync heart pacemakers and stolen identities) presents an
unacceptably high risk.
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
References and Further Reading
(ACKINGåANDåTHEå5NDERGROUNDå%CONOMY
[H1] Cisco, Inc. Cisco 2008 Annual Security Report, December 2008, URL: http://www.
cisco.com/go/securityreport.
[H2] Marc Fossi, Eric Johnson, Dean Turner, et al., Symantec report on the underground
economy, November 2008, URL: http://eval.symantec.com/mktginfo/enterprise/
white_papers/b-whitepaper_underground_economy_report_11-2008-14525717.
en-us.pdf, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.
org/5gELyrFgr)
[H3] Merrick Furst, Richard M. George, George Heron, et al., Georgia Tech Information
Security Center Emerging Cyber Threats Report for 2009, October, 2008.
[H4] Siobhan Gorman, “Fraud Ring Funnels Data From Cards to Pakistan”
Wall Street Journal, October 11, 2008, URL: http://online.wsj.com/article/
SB122366999999723871.html, accessed 2009-3-20. (Archived by WebCite® at
http://www.webcitation.org/5gF1zAfd1)
[H6] “Malware Trends: What Will Attack Us in 2009?” H-Desk.com, Nov 25, 2008,
URL: http://www.h-desk.com/articles/Malware_Trends__What_Will_Attack_Us_
in_2009__a45_f0.html, accessed: 2009-4-6. (Archived by WebCite® at http://www.
webcitation.org/5gELyrFhl)
[H8] Pinsent Masons LLP, “Hack Attacks Shift to Applications,” November 23, 2005,
URL: http://www.out-law.com/page-6374, accessed: 2009-4-6. (Archived by
WebCite® at http://www.webcitation.org/5gELyrFhS)
[H10] Trend Micro, Inc., Trend Micro 2008 Annual Threat Roundup and 2009 Forecast,
2008.
[H11] ZScaler, 2009 Web Security Predictions, January 6, 2009. URL: http://research.
zscaler.com/2009/01/web-security-predictions.html, accessed: 2009-4-6. (Archived
by WebCite® at http://www.webcitation.org/5gELyrFhc)
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
-OBILEå(ACKINGå4RENDS
[M1] Bill Brenner, “Mobile Malware: What Happens Next? CSO, November 13, 2008,
URL: http://www.cso.com.au/article/267157/mobile_malware_what_happens_
next?pp=1, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.
org/5gELyrFij)
[M2] McAfee and Informa Telecoms and Media, Mobile Security Report 2009, 2009,
URL: http://www.mcafee.com/us/local_content/reports/mobile_security_
report_2009.pdf, accessed: 2009-4-2 (Archived by WebCite® at http://www.
webcitation.org/5gExlvgs2)
[M3] Elinor Mills, “Mobile: The holy grail at security conference,” CNet News, March
20, 2009, URL: http://news.cnet.com/security/?keyword=smartphones, accessed
2009-3-20. (Archived by WebCite® at http://www.webcitation.org/5gELyrFi4)
[M5] Sarah Perez, “First Came Geo-Awareness, Then Came Geo-Aware Malware,”
ReadWriteWeb, March 17, 2009, URL: http://www.readwriteweb.com/archives/
first_came_geo-awareness_then_came_geo-aware_malware.php, accessed 2009-
3-20. (Archived by WebCite® at http://www.webcitation.org/5gELyrFiE)
-EDICALå$EVICEå!TTACKå4RENDS
[D2] Maria Fontenazza, “Hackers May Prey on Medical Devices,” Medical Device Link,
Medical Device and Diagnostic Industry, URL: http://www.devicelink.com/mddi/
archive/09/03/011.html, accessed: 2009-4-6. (Archived by WebCite® at http://www.
devicelink.com/mddi/archive/09/03/011.html)
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
[D4] Ryan Singel, “WiFi Pacemaker Hack Leads to Real Life Zombie Armies?” Wired,
March 12, 2008, URL: http://blog.wired.com/27bstroke6/2008/03/wifi-pacemaker.
html, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.
org/5gExlvgsg)
3#!$!å!TTACKå4RENDS
[S1] Ted Bridis, “CIA: Hackers demanding cash disrupted power - Electrical utilities in
multiple overseas cities affected” MSNBC.com, January 18, 2008, URL: http://
www.msnbc.msn.com/id/22734229/, accessed: 2009-4-6. (Archived by WebCite®
at http://www.webcitation.org/5gExlvgt2)
[S2] Eric Byres, David Leversage, and Nate Kube, Security incidents and trends in
SCADA and process industries, May 2007, URL: http://www.mtl-inst.com/images/
uploads/datasheets/IEBook_May_07_SCADA_Security_Trends.pdf.
[S4] Glenn Derene, “How Vulnerable is U.S. Infrastructure to a Major Cyber Attack?”
Popular Mechanics, April, 2009, URL: http://www.popularmechanics.com/
technology/military_law/4307521.html, accessed: 2009-4-6. (Archived by WebCite®
at http://www.webcitation.org/5gExlvgtT)
[S5] Grant Gross, “Expert: Hackers penetrating control systems,” InfoWorld Security
Central, March 19, 2009, URL: http://www.infoworld.com/d/security-central/
expert-hackers-penetrating-control-systems-084, accessed: 2009-4-6. (Archived by
WebCite® at http://www.webcitation.org/5gELyrFjb)
[S6] Wes Iverson, “Hackers Step Up SCADA Attacks,” Automation World, November
1, 2004, URL: http://www.automationworld.com/news-957, accessed: 2009-4-6
(Archived by WebCite® at http://www.webcitation.org/5gExlvgsq)
[S7] David Lacy, “Apocalypse Soon?” Computer Weekly, March 4, 2009, URL: http://
www.computerweekly.com/blogs/david_lacey/2009/03/apocalypse_soon.
html, accessed: 2009-4-6. (Archived by WebCite® at http://www.webcitation.
org/5gELyrFjm)
[S8] Nathan McFeters, “Hacking SCADA for terrorism and destruction,” Zero Day
(ZDNet), June 12, 2008, URL: http://blogs.zdnet.com/security/?p=1268, accessed:
2009-4-6. (Archived by WebCite® at http://www.webcitation.org/5gELyrFjS)
[S9] National Cyber Security Research and Development Challenges, Institute for
Information Infrastructure Protection (I3P), A Report to the Senate Committee on
Homeland Security and Governmental Affairs, 2009.
[S10] “The Return of SCADA vulnerability,” Industrial IT, February 9, 2008, URL:
http://www.industrialit.com.au/Article/The-return-of-the-SCADA-security-
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
vulnerability/437404.aspx, accessed: 2009-4-6. (Archived by WebCite® at http://
www.webcitation.org/5gELyrFjw)
[S11] SANS Institute, “Special Webcast: Cyber Attacks Against SCADA and Control
Systems—Real World Trends and Real World Solutions,” September 7, 2008,
URL: https://www.sans.org/webcasts/show.php?webcastid=90748. (Archived by
WebCite® at http://www.webcitation.org/5gExlvgtB)
2&)$å(ACKINGå4RENDS
[R1] Kelly Jackson Higgins, “Drive-By ‘War Cloning’ Attack Hacks Electronic Passports,
Driver’s Licenses: researcher demonstrates the ease of scanning and cloning new
Homeland Security-issued ID cards,” Dark Reading, February 2, 2009, URL: http://
www.darkreading.com/security/privacy/showArticle.jhtml?articleID=213000321,
accessed 2009-4-6. (Archived by WebCite® at http://www.webcitation.
org/5gELyrFkE)
[R2] Joel Hruska, “Internet tubes dripping with ‘raw sewage’ of DDoS attacks,” Ars
Technica, April 3, 2008 http://arstechnica.com/news.ars/post/20080403-internet-
tubes-dripping-with-raw-sewage-of-ddos-attacks.html , accessed 2009-3-20.
(Archived by WebCite® at http://www.webcitation.org/5gELyrFkW)
[R3] Joanne Kelleher, “Another RFID Hack—Contactless Credit Cards,” RFID Security,
March 25, 2008, URL: http://www.securerf.com/RFID-Security-blog/?p=47,
accessed 2009-4-22. (Archived by WebCite® at http://www.webcitation.
org/5gExlvgtc)
0RINTERåANDå%VERYDAYå$EVICEå(ACKINGå4RENDS
[P1] David Strom, “Beware of Network Printer Hacks,” David Strom’s Web Informant,
May 30, 2008, URL: http://strom.wordpress.com/2008/05/30/beware-of-network-
printer-hacks/, accessed 2009-4-22. (Archived by WebCite® at http://www.
webcitation.org/5gExlvgt)
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html
About Mocana
Mocana secures the “Internet of Things”: the ubiquitous devices of our lives,
our infrastructure, and the enterprise networks to which they connect. As Mocana Solutions
connected devices proliferate—they already outnumber workstations on the NanoBoot™
Secure preboot verification
Internet by about 5 to 1—attacks on these “soft targets” are rising exponentially. for firmware
Mocana’s solutions ensure that wired and wireless devices, servers, networks, NanoUpdate™
and their services all scale securely. Customers include Dell, Cisco, Avaya, Secure firmware updates
Nortel Networks, Harris, Honeywell, Symbol, and Radvision, among others. The NanoWall™
Embedded system firewall
company was recently named one of Red Herring’s GLOBAL 100—one of the NanoSSH™
“Top 100 Privately-Held Companies in the World” for 2008, and also won Frost High-performance
SSH client and server
& Sullivan’s Technology Innovation of the Year award. For more information, visit
NanoSSL™
www.mocana.com. Super-small SSL client and
server
NanoSec™
Device-optimized IPsec,
Downloads and Contacts IKEv1/v2, MOBIKE
NanoEAP™
For details about the Mocana Device Security Framework, visit http://www. EAP supplicant and
mocana.com/device-security-framework.html. 802.11 extensions
NanoCert™
For your 90-day free trial, visit www.mocana.com/evaluate.html. Certificate management
for client devices
For pricing and purchase information, email sales@mocana.com or call NanoDTLS™
866-213-1273. Embedded DTLS client
NanoDefender™
Intrusion detection
for devices
DSF for Android™
Quick-development
security toolkit for
Google Android handsets
VPNC
CERTIFIED
Basic
Interop
Tech AES
Interop
Choice IKEv2 Basic
2008 Interop
IPv6
Interop
Attacks on Mobile and Embedded Systems: Current Trends – Free evaluation code at www.mocana.com/evaluate.html