 Hi, I really really appreciate and grateful for being here. I thank a lot to Defcon and IoT Village. So my title for this presentation is defending IoT in the future of high-tech warfare. Before beginning, let's imagine a robotic tank that maneuvered themselves across desert terrain, avoiding land mines, drones with enough artificial intelligence to carry out strikes without human operators, and next-generation uniform to monitor soldier heart rate and hydration level or provide early warning alarms for chemical attacks. So if you google the Internet of Things, you only find the attacks on it. Imagine how much more challenging it would be in an actual battlefield where adversaries want to attack the battlefield as opposed to a hacker in a home who just wants to have fun. So the 21st century technology boom can give armies a strategic advantage for high-tech warfare but can technology make war safer. So my name is Harzit Agrawal and I am working as an RF security researcher. I will be joining Boston University to pursue my master's in cyber security this year. My primary research area include drone security, IoT security and telecom security. You can connect with me on LinkedIn, Twitter or email me if you have any questions. So in this presentation, we will be looking at starting with IoT as a transformational impact. Then we will look into some Internet of Radio vulnerabilities like car hacking or how we can sniff through radio frequency protocols. Then CIA tried for IoT security, IoT trade map. Then we will quickly look like how cyber reconnaissance can be done using the IoT devices, electronic emerging tools for cyber reconnaissance, Internet of military things and then autonomous weapon systems. So what do you think a world where every device you own is communicating with each other to your daily task? You open your eyes in the morning and a device is telling you the whole list of tasks you need to perform today. Also, you give instructions through your mobile phones and your coffee is ready while you get ready for your office. So where CCTV cameras can identify and stop excessive force before it turns deadly to wearing sensors which reports real-time health benefits to alert patients to emergencies before they happen. Even as drones like which can be used to support first responder, IoT has transformational impact on our life across vertical sector. So there's a whole long list of tasks that IoT is helping us with. So we can say a world without IoT is living in a stone age. It may seem like a big claim for some of you but when you see the bits of the IoT reflected in even mundane task of our daily life, you will agree to it. So how important is Internet of things in our life and even bigger question is how secure you think it is. So here in this slide you can see the benefits of IoT are undeniable. IoT can bring much of the physical world from industrial assets to commodity devices to people into a connected ecosystem which results in enhanced customer experience and better business outcomes. So increased connectivity and digitization in industry has produced an exponentially expanding attack surface behind which is safety, security and critical services. So cars are turning into computer on wheels and airplanes have been flying data center. But this increase in power and connectivity has largely happened without designing inadequate security protocols. So for example, IoT can improve multiple aspects of an airport such as by regulating traffic flow and helping passengers navigate using Wi-Fi beacons, NFC takes and geo-location or streamlining security checkpoints with biometrics like facial recognition and reducing the number of lost weight using electronic luggage, takes and sensor. And there are many more things. So given the potential and influence that IoT has on the world, it is worth looking at the security risk which is associated with this device. So in simple word like if I define, the Internet of Thing is a broad network of connected physical object or devices which communicate with each other and exchange data without human interference. So generally all these devices are capable of either collecting data, processing information or transferring data. So IoT is wonderful in many ways. But unfortunately technology has not matured yet and it is entirely safe. So the entire IoT environment like from manufacturers to users still has many security challenges of IoT to overcome such as manufacturing standard, update management, physical hardening, users' knowledge and awareness. So now it is not only with our computer but there are also things that interact with the Internet without our intervention. And these things are continually communicating with the Internet. A fridge sending an update of the food inside of our vehicle transmitting message to the mechanic to inform its oil level. So there are whole loads of things which are happening in the world of Internet. Now let's consider this case scenario. In certain sets, Soudan is like a guy who walks throughout the city and knocks on every door he sees. But instead of door Soudan knocks on every IPv4 addresses and instead of some city here it is the entire world. So if you ask that guy about a particular type of door or about doors in particular part of the city he certainly would know something and would provide you the information. So how many of those doors are open, who answers them and who do they say. So Soudan give you the same information about these IoT items. Now how are they called? What type are they and is there a web interface one can use. So there is no problem on knocking on door. Unless you find out that there are a lot of doors with no lock and no one can stop the bad guy from breaking in. So on other hand like Senses is also a search engine for the IoT relying on the basic principle. But it's more precise when it comes to searching for vulnerabilities. Oh yes, Senses can actually give you a list of devices with a particular vulnerability. For example, those vulnerabilities to hard bleed. So if it's an IP camera you can see everything it sees, even control it if it supports something like that. And if it's a router, you can change its setting. If it's a baby monitor, you can talk to the baby in a scary voice. So it's all up to your moral standard how you want to use this technology. So the main objective of security like which is highlighted by various model are known to be confidentiality, integrity, authentication and authorization, known reputation and availability. So implementing different cryptographic mechanism can help us achieve these security characteristics. Now however it is very challenging to implement these cryptographic algorithm to IoT devices. So like confidentiality which is the significantly sacrificed due to the constraint in size and power of IoT. So implementation of like public key interface can provide confidentiality and integrity. However, the encryption process with public key demands computational and memory resources data beyond the capabilities of many IoT devices. Also PKI require devices to continuously update the certificate because like the certificate gets expired. So updating IoT devices is another challenge especially in small devices which do not have any user interface. So moreover some IoT devices are deployed remotely in inaccessible area and cannot be updated without human intervention. So authentication and identification of user in IoT is also significantly important. If an attacker compromise authentication they can get access to the system as a legitimate user and can launch various further attacks without even being detected. So however authentication has been another major challenges in IoT. Current authentication method require username password, digital certificate, shared key or biometric credentials. So it is anticipated that IoT as previously will remove many physical interaction medium through which like username or password are parsed. So furthermore like verifying identity can be challenging in the mobile environment of multiple IoT devices. So different user move for their IoT devices through different architecture and infrastructure which is provided by different service provider. So the issue of anonymity makes it difficult to achieve accountability. So to attain effective access control is another challenge in the IoT domain. And it is difficult to use well-known access control model such as role-based access control and attribute-based access control for low-power devices. So furthermore like access control require the concept of authentication and identity which is already a challenge in the IoT as I said before. So ensuring like that each device has the control to maintain data confidentiality and integrity within an organization is necessary. In addition, investigation of IoT security along with data integrity holds practical significance in IoT development. So here in this figure you can see like the security trade map of IoT, the Internet of Things spans nearly every organization and function. Associated-Ed devices now expose a series of vulnerabilities which can be exploited by old traditional trade actors. On right side you can see pyramid of pain which is based on Cisco IoT reference model and it is evaluated from a vulnerability perspective of the IoT system. So the most vulnerable part of the IoT system with the least impact it suffered and attack is placed on the top of the pyramid. Sensors sit on the top as they are the most vulnerable being the most accessible part of the IoT ecosystem. The next vulnerable part is the communication between the sensor and accumulated data by the sensors. So the attacker can get access to this data through sensors or by getting into the network. Now then comes the hardware extraction and firmware which stimulates application programming interface. So for the interface between the application and the data lastly the least accessible part at the bottom of the pyramid is the hardware platform such as like SOC, FPGA or DSP. So even through the hardware platform is at the bottom of the pyramid it is the most vulnerable and desirable so because it has the highest damage impact system in case of any attack. So it can be said that hardware is the foundation of the IoT ecosystem and most pain-causing part in case of any cyber attack incident. So therefore IoT security should begin with hardware security. So it has been realized that true security of IoT devices can only be achieved by securing the underlying hardware of these devices. Hardware security begins with IC security and that is embedded in these devices. So back doors have been reported in IC which is used in weapon control system, nuclear power plant and public transportation system. So security is usually an afterthought in IC design and preferences is given to cost performance in reliability in case of IoT. So here let's consider these two simple case studies. For example, at the department of defense fuel depot tank level, temperature and flow rate could be inexpensively and precisely monitored. So inventory usage and payment could be easily integrated with the backend business system. Now perimeter security which could be enhanced with more inexpensive cameras and monitor sensors. So soil, water and air quality could be continuously measured for leaks or emissions. Now this tank and pipe corrosion could be monitored to enable fixes before impending failure or any potential fuel related hazard. But imagine the havoc. Date could be caused by a malicious malicious actor hacking into this IoT tank. If the typical IoT vulnerabilities are not addressed tank level could be misreported monitoring could be disabled and malicious actor could dump fuel. In similar way, the addition of Internet capability real-time situational awareness information can be related to command and support facility remotely from the battlefield. But if enemy takes advantage of vulnerabilities in such devices or networking or even compromise devices, it may allow the enemy to provide false information to the warfighter and the supporting remote organization. Really it's important to prioritize addressing the highest risk vulnerabilities which are already installed in mission systems such as like ensuring that the information is encrypted when aware needed. We implement the policies and processes and also communicate these changes broadly. So to ensure like supply chain management of a broader array of potential devices so let's see some arab-based IoT attack so what basically lies inside the radio wave spectrum. The following frequency allocation chart here so various commercially used devices with their application and frequency based on data from NTIA and FCC so the electromagnetic spectrum which is divided according to the frequency of these devices which are measured in hers we can see here like FM radio is operating somewhere near 100 MHz the GPS and cell phone somewhat near 900 MHz while ADSV signals on frequency 1090 MHz which can be directly captured from RTL device or like which can be captured from RTL device and 2.4 GHz band which is used by more than 300 consumer devices so including like microwave ovens, codeless phone and wireless network like Wi-Fi and Bluetooth so invisible and ignored our devices are currently screaming out large amount of information about us our habit, our pattern of life to anyone who care to listen so let's see some example like what is commonly being broadcasted and what can be done with this information so in this very first example you can see a simple implementation of FM transmission on GNU radio one can easily broadcast live or in this example you can see here I am using the GPS HDR stream library which generate GPS baseband signal data stream which can be then converted to RF using software defined radio platform such as like BLADE RF HEK RF or USRP so here like basically the user specifies the GPS satellite constellation through a GPS broadcast FMis file so this daily broadcast, daily GPS broadcast FMis file like which is short form for BRDC is a merge of the individual site navigation file into one now the archive of this daily file can be downloaded from the NASA site access to this site is free and require the registration so this file are then used to generate the simulated pseudo range and Doppler for the GPS satellites in view this simulated range data is then used to generate the digitized IQ sample for the GPS signal so later that can be transmitted using the HEK RF to spoof the location ADSB signal which is a surveillance technology in an aircraft determine its position via satellite navigation and periodically broadcast it so this can be enabling to be tracked this signal can be tracked using low cost devices like RTL in this example and I am using the RTL 1090 and virtual radar to track planes so using GRGSM like and calibrate command we can listen to IMC number and further decrypt the A3A5 algorithm to listen into calls and messages so every mobile phone has an IMC which is like international mobile subscriber identity number this number is unique to every SIM card and this number is shown on every mobile phone which is connected to the IMC catcher and the police can determine your identity easily through this unique number and there is no way you cannot be victim except you are in an area with the no IMC catcher so in this example you can see a simple example of replay attack which is like a good POC but this does not provide much of a learning opportunity nor did it drastically reduce the effectiveness of the security system so it only provides faults in alarm of standard functionality so definitely like after this there were so many different case scenarios which are being presented in DEF CON and BLAKET like car RKE for roll gem attack or after roll gem like there was one more attack which was published in DEF CON so when you find a signal whether this signal is of your interest or that should not be present in a particular frequency band you should want to start with the basics so the first step is to look at the frequency band and shape up a signal of interest to get an idea about the characteristics and therefore the identity of this signal so for example many of the 3G and 4G signal have square tops due to the type of filtering they use and also this commercial wireless signal use predictable bandwidth so you can make an educated guess on the signal type based on what you see on the screen the second step is to perform modulation analysis of the signal so analyzing the modulation will give further insight into more or unique characteristics of a signal the third step is to capture the signal data and perform additional analysis of the signal so this can be difficult technique because based on some experience trial and error it would be used within the RF environment software capabilities to try to determine more characteristics of the signal so for example you could look at the RF IQ versus time to figure out digital modulation symbol rate or look at the spectrogram to try to check for the preference of OFDM subcarriers so there are many different vulnerabilities which are related to internet of radio we all know that Wi-Fi uses radio to communicate but so does the other 99 protocol that make up the world of mobile cellular and internet of things so all these new radio enabled devices bring with them new invisible trait now enterprise will need to be able to react which are entering the environment through the internet of radio so there are examples like sniffing ward driving, able to in attack, replay attack jamming or physical layer protocol abuse so we often hear about the dangers of dark wave but internet of radio is not merely dark it's invisible so any wireless network which is going to have a few security risk so it is important to address them the first issue is the fact that the sensors are broadcasting all the information they have continuously so here you can see like NATO has now designated cyber as an official domain for warfare so in a press conference in 2016 NATO allied minister formally agreed to include cyber operation in its war domain along with air, land and sea operation and to amplify the dependence of its computer network so declaring cyber as an official domain of warfare allow NATO to improve planning and better manage resources for cyber defense operation so in 2014 NATO stated that a cyber attack could rise to the level of military assault and trigger article 5 protection which means like that NATO could respond to a cyber attack with conventional weapon just as they would do for air, land or sea attack we will remain a contested space for the foreseeable future now NATO decision to declare cyber space an official domain of warfare is an important step in the right direction so the militaries face a new reality one with multi-domain challenges now the way military build its forces integrate its planning and synchronize its operation must change quickly so in modern military lingo which includes land, maritime air space and cyber space so the cyber space domain is only main made and is ever changing so in the emerging multi-domain reality an attack will often come from the multiple domain simultaneously like jamming of radio and data link or persistent surveillance and precise long range fire so there are many things like which can happen in cyber space so there is a famous quote from the book art of war by sunzu there are not more than 5 musical notes yet the combination of these 5 give the rise to more melodies that can ever be heard there are not more than 5 primary color yet in combination they produce more hues than can ever be seen there are not more than 5 cardinal taste yet combination of them yield more flavors so now we can imagine about the result from convergence of ground, airborne, naval space and cyber so here you can see the modern military forces rely heavily on a variety of complex high technology electronic warfare and defensive capabilities so traditionally cyber and electronic warfare were distinct entities cyber warfare involves the action by a nation state or international organization to attack and to damage another nation's computer or information network through so for example, computer virus or denial of service attack the military has already designated cyber as the 5th domain of war along with 4 physical domain and it is milling making the electromagnetic spectrum the 6th domain so cyber space operations are the employment of cyber space capabilities where the primary purpose is to achieve objective in all through cyber space so far like EW has been a slipping beauty hidden away and forgotten for a generation but now it is a dragon about to be reawaken and NATO leaders who continually try to ignore the its significance do at its alliance so in convergence of electronic warfare IoT based at a computer network exploitation within the radio frequency spectrum it describe how the integration of IP capabilities in systems using radio frequency for communication provides attacker the ability to exploit systems on isolated network so unlike current cyber and EW protection teams which are focused on vulnerabilities within their respective areas and adversaries which are focused on achieving desired effect and end state goals this trait is highlighted by oversight in software and communication systems which are developed in recognizing vulnerabilities introduced during the integration of hardware and software so definitely like digital technologies have transformed warfare beginning with the emergence of network centric warfare in 1990 digital technologies have become the basics of weapon tactics and strategies so today war fighters use connected devices to coordinate air strikes on the battlefield drones are controlled from thousands of miles away while commander watch real time video of streaming like from the battle space and logistics and broader supply are regulated and managed by complex digital technologies the next generation of these emerging technologies such as artificial intelligence and smart drones and robots additive manufacturing will make the US military even more dependent on digital technology so further like much like any disruptive or transformative technology there can be little doubt that the IoT is altering the way arm services conduct operation and coordination across forces like joint and coalition so the modern concept of command control and communication and intelligence which is like C3I is driven by the information technology that is deeply impended in advance in military armament which demands high efficiency in decision making and control so one might consider C3I as the brain of modern warfare now if C3I systems are considered the brain then battle space fighters and actuators the internet of battle field things are the eyes and ear and military maneuver their hand and feet so if it is the preserved ways of IoT devices that will essentially make the eyes, ear, hand and feet inseparable from the brain so we often think like command and control is a distinct and specialized functions like logistics, intelligence, electronic warfare but in fact command and control encompasses all military functions and operation given them meaning and harmonizing them into a meaningful whole so done well command and control aid to our strength done poorly it invites disaster and even against a weaker army so command and control help commander make the most of what they have people, information, material and often most important of all time so let's see some cyber-reconance case studies which are based on IoT devices so now it's time for cavalry to get serious about this cyber-reconance the whole art of war consisting of understanding what is on the other side of the hill so in this new world like much of the information essential to effective tactical decision making cyber space long before it is extracted through the dangerous and painstaking process of air and ground-reconance so such an importance if to require reframing of our traditional approach to reconance so is it now necessary to expand the concept of military to include the cyber domain if so how should such a capability be organized in the military, who should do it for the hazards with such an approach so the incident like in Israel and Gaza presents a compelling case relatively minor tactical actions like the movement of a military vehicle or the firing of a single rocket now have an indeniable fingerprint in cyber space so that fingerprint is visible to anyone with the persistence tools and training to view it this presents a new way of seeing the battlefield finding rocket launches and anti-rocket weapons on the battlefield in real time has traditionally been the vocation of reconance formalities so now those reconance organization must develop new way of developing data information into the cyber domain so future reconance organization that are trapped with the ability to merge ground and air collection these type of capabilities in cyber space will possess a competitive advantage on the 21st century battlefield so we can definitely say like the crowdsourced surveillance in the future of internet like by 2030 more than 125 billion computer sensors in IT devices will be connected to the worldwide web now roughly 15 for every devices will be connected and for like roughly 15 for every person alive so by that time nearly 80% of the data moving on broadband network will be video it is reasonable to assume that these tents will combine to create a ubiquitous network of crowdsourced surveillance where nearly every event in public space is recorded and uploaded to the web by private commercial or government actors which are like through the commercially owned IoT devices so let's see some case studies here a modern equivalent of the world war 2 there are warning that loose leaves seep sinks so maybe FFS don't say your Fitbit data on duty so let's consider this interesting case study where the fitness data company Istrava recently came under fire that its global heat map which aggregated millions of geotrack devices inadvertently reveal the location and outline of US military bases in conflict areas so with this incident provides a useful reminder about the importance of operational security it reveals a much more valuable message about the future of root reconnaissance as a military operation so moving a large military force over unfamiliar terrain presents a formidable challenge so as a result reconnaissance formation have traditionally needed to re-conture ahead of the main body to assess the traffic ability of roots so like Istrava modern digital map application on most smartphone use a process of extracting location from cell phone tower to determine rate of movement along roadway over time this anonymized data provides a useful pattern that can show where vehicle traffic is unrestricted it can therefore be a powerful tool to argument the often dangerous task of ground root reconnaissance so in addition like when merged with ground moving target indicator target we can use analytical tool to distinguish between military and civilian vehicle movement so many locations of like military and intelligence agency bases had already been previously revealed through many other publicly available IoT databases but the bigger worry from an operation security standpoint is how activity data from IoT devices could be used to identify interesting individuals and track them to other sensitive or secretive locations this suggests that many of the most significant advances in military technology began first as commercial technology like radar for example was originally developed as a tool to avoid seep collisions during limited visibility but now it's highly sophisticated for defense purpose so this emerging categories of cyber tools like social media, GPS enabled IoT devices satellite imagery database from publicly repository like digital globe which estimates to returns a data set of 100,000 terabytes are already available in commercial market, date with adaptation might provide a real advantage to cyber recon formation and the biggest dangers may come from potential adversaries figuring out patterns of life like by tracking and even identifying military or intelligence agency personal as they go out about their duty so too often we think like secret lie hidden when now they are mostly out in the open both military and the public need to come with grips with the fact that the era of secret is arguably over so digital eyes in the sky were already used in Iraq and Afghanistan by military forces to find IED bomber they were used in a Baltimore city to find murderer so a high resolution camera which you can see on the top left image is placed in a caseina or long duration drone in the city is filmed so that one pixel is one person the pixel of a person can be highlighted and tracked so then all this event in the field of view are tabled and recorded so let's say when an event of interest happens this recording is revoned and any physical interaction with date point can be traced but with this fast pace of technology you can see like equity parallel camera pictures on the right side which shows stunning clarity of camera systems can zoom on to a specific area of a larger space so a small bike rider or stow window can be amplified so dramatically that it can read the fine print so each 50 megapixel camera could if it can take a location of 100 km by 100 km so about 1000 high resolution search camera array could cover the entire USA and China so and with swarm drones and cameras arrays it would make relatively cheap to perform something like this so the focus let's see what are some of the things like which are related to internet of military things so previously we had internet of things internet of consumer things, internet of ransomware things and internet of military things so here like what thus be stand for so the focus of internet of battlefield thing is to provide situational awareness of the battlefield utilizing a network of interconnected sensor, actuator and analytical devices so sensor could detect enemy movement and then relate data information in real time to analyst enabling them to make tactical decision on positioning areas to avoid or who is crossing a certain area so this capability would potentially save resources and soldier life making iobity an important topic for the defense to investigate and of course like there's a lot of buzzwords surrounded by the internet of things and internet of industrial things but the big focus of the army is creating another buzz term adding the bee in there so adding the battlefield as part of this so for me it's always been embedded devices like we are talking about event security in embedded development the big difference of course with all these different term is what you are using them for and often times like the mission and dead people are using them for don't vary date much but in this case we are talking about very extreme environment environment date have very hostile and downright adversial note to say that all other types of area devices are not being trade or attack daily either targeted and attack often in locations where there are extremely vulnerable people literally can woke up and do extremely whatever they want to do and of course like the physical environment so the internet of military things encompasses a large range of devices that possess intelligent physical sensing learning and expectation capabilities through either virtual or cyber interfaces that are integrated into system so these devices include items such as like sensor vehicle robot UAV human wearable devices, biometrics, munitions armor, weapons and so many other smart technology so the vision of a connected battle field where soldier interface with a mirrored of sensor weaponary systems and support systems and adopt the information to gain situational awareness and force superiority introduces a new series of trade at a greater scale and then any other time in history so each connected device now becomes a target for the adversary and a chance to exploit weakness in not only the devices themselves but also the network interconnecting these devices so the key technology trend impacting the IOMT theme over the next 12-24 month include AI, sensor, processor transmitter and health monitoring system but above all security presents one of the most critical aspects like to the IoT deployment so however in providing security solution supplier have had trouble going beyond their traditional domain for example operators IoT security offers have mostly been avoid about devices authentication and network reliability so clearly bridges can occur at the device level network layer, app level, storage level so quickly here you can see there are so many different kind of sensors which are related to the IoT now sensor technology is evolving fast like EO or IR sensor radar sonar motion or sound detectors have their capabilities augmented as the technology they incorporate improves so for example IR sensor can see further at much tougher weather it is a day or night compared to just a few years ago so fast array radar can multitask simultaneously collecting intelligence in the land maritime or air domain without losing range coverage or accuracy so let's see like how some of these sensors like IoT based sensor can be used in the battle field so let's say if we take the example of microphone or the sound sensor so it can like pick up data are considered hostile or friendly like to identify different type of weapon sound could check the weapon data face to match potential guns that made a certain group of people or it can like calculate noises in the distance or how certain traits could be RFID can be used like to confirm the allies that are passing by because RFID would be assigned to all soldiers again camera like which are low quality used for designing colour plate for patterns of uniform or high quality camera would be able to take sort of object moving in the field of view so limitations would be like we can consume significant battery capacity to start up store and send images again GPS can be used to track location of sensor registering event or could also be able to activate a specified path has been identified RF sensors like can be used to track radio frequency over the area of interest sensors to detect heat signature and notify the other sensors to start collecting information vibration sensors can be used to detect vibration and stress which are experienced by the sensors and generate electronic charge based on the stress so identification of friend or foye or used by the military currently in conjunction with radar to discern friendly and civilian vehicles and military units so ultrasonic sensor which can be used to trigger classification sensor to start collecting data to help determine ally or adversary so there are so many different kind of sensors which can be used for different purpose in the internet of battlefield environment now modern day soldiers are entering the better field not only with weaponry but also within electronics command and control center built on the sensor antenna and communication capabilities of the internet of things so the combination of multiple radio wearable like smart watches and glasses biosensor GPS equipment and communication devices are just some of the gear which are arming soldier with life saving information and creating unprecedented visibility into their surroundings so our current and future soldiers are only as good as the communication date is said with them so the sharing of the information wins the fight not the biggest or best bullet so we are looking at a soldier as a communication intelligence platform not just a person with a weapon system so work is underway on new intelligent body gear and date among other things include onboard computer date allows soldier to chat online during missions and to tie into key defense network to tape into intelligence so soldier will also be able to share information like mission data watch mission related video clips and even exchange surveillance intelligence with nearby military vehicles the onboard computing power will also monitor the soldier's psychological status via biosensors to provide clear pictures of their vitals or performance so of course the key to this vision of a connected soldier is the connectivity itself so yet there are numerous communication and networking obstacles related to the harshness of the battlefield and the density of the radio frequency environment so hundred of control communication computer and surveillance systems biomed by thousands of antenna sensors rf circuit are vying the rf signal with a limited rf spectrum so as we go down the path the connected soldier the design problem becomes a lot more complicated and the design space the much more harder because there are much more sensors and not just radar or frequency so all of a sudden everything is connected and you have many pro reflecting systems so there is no free lunch so high data rate equal to extra soldier battery load and consequences hovering however of opening up your system for sharing upgrading and accessing in order to make it relevant to data reach e-battle field of the future is that you open it to a whole host of new trade and risk so the one that we all are familiar with in the online world in which we all now live so I love that I can unlock my phone with my face and that Google can predict what I am thinking and then Amazon knows everything what I need so it's great that I don't have to hail a cape or to go to the grocery store actually I hope I never have to drive again or navigate or use case or clean or cook or learn but what if all of this technology is misused the same technology is making our life easier is being weaponized the feature that unlocks your phone with your face what if it is attached to a self-learning machine a gun it's manufactured few months back shown in a video like how gun using object recognition software can easily identify target they say it gets more accurate the way more we use it so that drone which is like advertised to get from ocean panoramic source can be used to carry small payload or grenades this drone come with a high explosive warhead which hangs out in the sky until it's find an enemy radar system then fires on it oh and what about the driverless car you thought was so cool so here it is in a form of a tank like russian army affair it's called a T-14 so one of the big concerns such swam in the is the misuse of autonomy and just how much real control the operator have over their actions so far has always been a human behind every kill or no kill decision so let's review some entry drone systems that are used to detect and neutralize the drones so more than four lake 400,000 drones are sold each year worldwide which means a potential threat for society and critical infrastructure illegal filming of secret objects as well as personal privacy is very common so the air space is says unprotected from the drone growing need for anti drone solution worldwide lead manufacturers to develop the entry drone system so applicability of drone detection and identification method depend on the requirement that being said we observed that methods other than RF sensing cannot be solely relied to detect or identify intruding drones so on one hand like radar vision and acoustic bed method can be restrained in various ways such as like using stealth technology changing the drone physical shape and rotor using low noise rotor and by emitting natural sound like bird chips or white noise in addition such method require expensive equipment like high quality video cameras that is not designed to detect drones more ever Wi-Fi based drone methods are inherently limited as they cannot detect drones operated by other wireless technologies like 4G and they require knowledge of the drone Wi-Fi parameters like protocol and channel number on the other hand we see that RF sensing based methods for drone detection and identification are adequate to be used in real life scenarios so such methods are independent of the wireless technology which are utilized by the drone so like if whether they are using bluetooth 4G or Wi-Fi and are immutable to physical interaction and differences among drones so however current methods are still not fully automated so let's take this simple example if we consider like the security traits from IoT based drone for an airport so there are like passengers and visitors aircraft, cargo, air traffic controller parking carriages which are all vulnerable to drone attack so there are like surface movement radar which are installed on the airport this radar system detects aircraft and vehicle in real time on a map which is displayed by a computer screen so in example is the airport surface detection equipment which is like AHDEX so it consists of a radar multiration technology and satellite to enable air traffic but one of the concern for the concept of operation is that the SMR will have shadow areas in the airport due to building and other airport infrastructure so if this occur then the drone can fly enough path behind the buildings and avoid detection by the AHDEX systems so this is because the SMR signal is scattered by the building anything in the shadow area will not be detected so using an approach like to overcome this limitation is to use low cost sotrain radar which are based on IoT and can be divided in multiple swamps which can be replaced so this will allow the increased detection of drone furthermore if the data from AHDEX radar is unavailable the SOS can still deliver value by detecting drone using the low cost sotrain radar so furthermore it will also increase the range and another example could be like it can definitely help the ATC like previously we had air traffic controller that can be now changed to unmanned aircraft systems traffic management so in that way like the potential through the IoT based drone which are like flying through the GSM using GSM signal which are very hard to track can be easily tracked with this so while the military has been a driver in connected in machine to machine communication such as radio frequency identification it has been slow to adopt true IoT application they need this communication into inter-polable automated cycle so the challenge is that defence leader whizzing to take advantage of the IoT phase a complex technological and regulatory landscape that returns to mire their efforts in endless choices and challenges so the army has done a lot of work on system that can work without a constant internet connection to get around this but because there are no they are not linked to the internet they have limited utility but all these expanded connectivity and technology brings a host of risk too so for one creating Wi-Fi enabled uniform and weapon could give enemies many new digital target and if malicious hacker can manipulate sensor to fake chemical attack those false signal can be deliberating so then and now to overstate the importance of information to military commander everywhere while the rest of the world was waking to the internet in 1996 the military for example was already outlining the plan for information superiority so with this information so central to all activities we can see like what are the potential hazards and what are the vulnerabilities which we need to address in the internet of battle pill so here you can see like some of the references which I have take the help of to develop this presentation and I am really thankful to them and if you have any questions you can reach out to me on my either by Twitter or LinkedIn or you can drop me an email thank you so much