IoT Security Village

Home Villages IoT Security Village

From Sensors to Security: A Practical Workshop on IoT Systems and Protocol Vulnerabilities

Organized By

C3iHub, IIT Kanpur

Target Audience:

Undergraduate and Postgraduate Students in ECE, CS, EE, and Cybersecurity
Academic Faculty Members
Hobbyists and Independent Researchers in Embedded Systems and IoT
Practitioners and Professionals in Cybersecurity and Embedded Development
Max. Intake – 30 persons (3 per group)

Objective

The objective of this workshop is to provide a comprehensive, hands-on experience that bridges the gap between embedded IoT development and security. The workshop focuses on empowering participants with foundational electronics knowledge, IoT protocol design, actuator integration, and exposure to real-world vulnerabilities in connected systems. Participants will:

Develop embedded applications using sensors and actuators
Implement and analyze IoT protocols such as MQTT and CoAP
Understand network-level attacks on IoT ecosystems
Learn security best practices including TLS implementation
Perform bootlog and firmware analysis to assess system integrity

Session Outline

  • DAY 1 - IoT Fundamentals and Communication Stack
    • Session 1: Introduction to Raspberry Pi & Device I/O 1. System setup & security baseline
      • Brief: Flash and configure Raspberry Pi OS, enable SSH/I²C, change default credentials, and apply simple hardening (SSH keys, basic firewall, backups). Ensures a reliable, secure starting point for hardware work.
      • GPIO & I²C fundamentals : Brief: Explain BCM vs BOARD pin numbering, safe voltage levels (3.3V), and how to use I²C. Prepares you to wire and talk to sensors/modules (like TEA5767) without damaging hardware.
      • Hands-on device basics : Brief: Small practical's - Controlling sensors through web platform.
    • Portable C2 Simulation Lab 1. C2 concepts & ethics
      • Brief: High-level overview of command-and-control architecture (beacons, channels, telemetry) plus legal/ethical rules of engagement. Focuses on what to watch for, not how to build malicious tools.
      • Portable, isolated lab design - Brief: How to assemble a Raspberry Pi + laptop portable lab: isolated network topology, VM/container hosts for emulation, and snapshot workflows for safe testing. Emphasis on air-gapping and disposability
    • Session 3: Performing Radio Communication with Raspberry PI 1. TEA5767 fundamentals & wiring
      • Brief – Module overview (I²C FM receiver), correct wiring to Pi (VCC=3.3V, SDA/SCL, GND), and antenna choices — safe, receive-only setup for FM band exploration.
      • Software control & data logging – Brief: Use Python (smbus2) to tune frequencies, read status/RSSI, and log signal quality to CSV or a simple Flask dashboard. Practical code examples and troubleshooting tips
      • Signal observation & Transmission – Brief: Receive and inspect broadcast/FM signals, study RSSI/quality changes with antenna position, and extract learning about modulation and signal behaviour.
  • DAY 2 - IoT Security and Protocol Vulnerabilities
    • Session 1: Wireless IoT Vulnerabilities: WiFi Deauth Attacks
      • Concept: Attackers exploit WiFi weaknesses to disconnect IoT devices like cameras or smart plugs, stopping critical functions
      • Theory: WiFi deauth attacks hit unprotected management frames in 802.11 protocols, forcing devices offline by spoofing disconnection signals using Bettercap.
      • Content: Exploring WiFi protocol flaws and their impact on IoT reliability, with a focus on smart home risks.
      • Practical Insight: Detect vulnerable devices on local networks with Wireshark; protect with stronger WiFi encryption or wired setups.
      • Impact: A live IoT devices function fails instantly, exposing wireless risks.
    • Session 2: Discovering Exposed IoT Devices: Shodan and Censys Deep Dive
      • Concept: Shodan and Censys scan the internet, indexing IoT devices like sensors and cameras, exposing them through service data, locations, and configurations for hackers to access or exploit.
      • Theory: These tools grab device metadata, like service banners and operating systems, revealing misconfigurations or unpatched vulnerabilities exploitable with Kali Linux.
      • Shodan Details:
        • Scanning IoT Online: Searches reveal device locations, IP addresses, and service details, spotting unprotected systems
        • Accessing Data: Results display live interfaces or data feeds, showing real-time outputs from homes or businesses.
        • Finding Vulnerabilities: Queries find devices with flaws, like outdated firmware or weak encryption, for deeper scans
      • Content: Demonstrating Shodan searches to find exposed IoT devices and their weaknesses.
      • Censys Details:
        • Scanning IoT Online: Searches pinpoint devices by service types and network details, showing configurations and certificates.
        • Accessing Data: Results reveal device interfaces or operational data, highlighting unsecured systems.
        • Finding Vulnerabilities: Queries detect devices with specific flaws, enabling targeted analysis with Kali Linux.
      • Content: Presenting Censys results to expose IoT devices and their vulnerabilities.
      • Practical Insight: Run Shodan/Censys scans with standard accounts and pair with Kali Linux for vulnerability checks. Protect by securing configurations, enabling firewalls, and limiting device exposure.
      • Impact: Discover live IoT data exposed globally, from home sensors to office systems.
    • Session 3: Network Attacks and Traffic Manipulation
      • Concept: Attackers intercept or disrupt IoT traffic, targeting protocols like MQTT or HTTPS in devices such as smart locks or cameras.
      • Theory: Attacks exploit protocol trust (e.g., ARPs lack of authentication) or weak encryption, capturing or manipulating data with Bettercap for MITM and Wireshark for sniffing.
      • ARP Poisoning: Man-in-the-middle attacks reroute device traffic, grabbing control commands for manipulation.
      • Content: Showing how ARP poisoning with Bettercap intercepts IoT communications for further exploits.
      • Practical Insight: Analyse packets with Wireshark, execute MITM with Bettercap, and exploit MQTT with Mosquitto. Protect with TLS, connection limits, and secure protocols.
      • Impact: An IoT device executes unauthorized commands, acting as if controlled by a legitimate source.

Requirements

Core Computing & Setup (required, per team kit) (Max 5 team + 1 Instructor kit)

Hardware provided by organisers (will be supplied to participants per batch)
  • Wi-Fi cameras
  • Wi-Fi router (isolated lab network)
  • Wi-Fi adapters that support monitor mode (sufficient quantity for groups)
  • Raspberry Pi 4 with power adapter & microSD card (32GB)
  • microSD card (32GB)
  • LAN/Ethernet cables
  • Breadboard (840-pin size)
  • Jumper wires set (male–male, male–female, female–female)
  • LED pack (assorted: red, green, yellow)
  • Resistors assorted (220Ω, 1kΩ, 10kΩ) — small pack
  • Multi-meter (basic)
  • USB-to-TTL adapter
  • DHT11 temperature-humidity sensor
  • PIR motion sensor
  • TEA5767 FM receiver module
  • Telescopic or simple FM antenna
  • Screwdriver set
Note: These items will be supplied by the organisers and distributed to participants as per batch size.

Requirements from participants (each attendee must bring)

  • Laptop (minimum 16 GB RAM)
  • Kali Linux (installed natively or as a VM) with admin / root access
  • Power adapter / charger

Expected Outcomes

By the end of the workshop, participants will:

Understand how embedded systems interact with network protocols
Build and deploy secure and insecure IoT prototypes
Demonstrate practical knowledge of protocol vulnerabilities (MQTT, CoAP)
Identify firmware-level security flaws using reverse engineering tools
Adopt security-first approaches in IoT system design

Deliverables

Complete hands-on lab manual and code repository access
Digital certificates of participation
Video recordings (if permitted)
Post-workshop feedback report and impact analysis

Conclusion

This workshop offers a rare opportunity for students and professionals to explore both the creative and defensive aspects of IoT. It enables a deep understanding of embedded systems development, communication protocol design, and cybersecurity risks specific to connected environments. Participants will emerge better equipped to innovate responsibly in the evolving IoT landscape.

VILLAGE CREW
Dr. Anand Handa

Chief Strategy Officer

C3iHub IIT Kanpur (IHUB NTIHAC FOUNDATION)

Nitesh Kumar

Senior Research Engineer

C3iHub IIT Kanpur (IHUB NTIHAC FOUNDATION)

Rishi Prakash

Associate instructor

C3iHub IIT Kanpur (IHUB NTIHAC FOUNDATION)

Deexitha

Associate instructor

C3iHub IIT Kanpur (IHUB NTIHAC FOUNDATION)

Rahul K. Shukla

Deputy Manager (R&D Programs)

C3iHub IIT Kanpur (IHUB NTIHAC FOUNDATION)

Prasanjeet Sinha

Manager – Incubation

C3iHub IIT Kanpur (IHUB NTIHAC FOUNDATION)

DIAMOND SPONSOR

PLATINUM SPONSOR

SILVER SPONSORS

BRONZE SPONSOR

EXHIBITORS (PREMIUM)

EXHIBITORS (BASIC)

LANYARD SPONSOR

INDUSTRY CONFERENCE ALLIES

PODCAST PARTNER