Training Session - Hardware

Practical Alarm System Bypass for Security Professionals

May 14, 15 and 16th

Overview

Over the past several decades most alarm installations have stayed the same more than they have changed. Advancements in physical intrusion detection technologies have produced promising results, but adoption has been generally restricted to government and high-security installations. As a result, most alarm systems installed today remain vulnerable to a variety of attacks and weaknesses. While some research has been performed regarding these systems, the operational information about them is scarce and sometimes incorrect. As a result, the modern security professional has had few resources available for adequately auditing many alarm installations.

From server racks to commercial installations, many alarm systems in use today remain highly vulnerable to malicious tampering and bypass.

Designed for security professionals with no alarm experience, this training will review past and present alarm system architecture, it’s design elements, associated sensors, and methods for their defeat. Both wired and wireless technologies will be discussed, and students will receive extensive hands-on experience with alarm hardware, sensors, and defeat tools.

Students completing the course will have a more comprehensive understanding of how alarms are designed to be used, how they are defeated, and methods that may be used to enhance attack-resistance.

Training Outline

System Overview

  • Alarm History: Past and Present
  • Modern Alarm Systems
  • Alarm Hardware Overview

System Details

  • System Design and Architecture
  • Wired Bus Protocol Overview
  • Bus Accessories and Hardware Overview
  • Hardwired Alarm Zone Overview
  • Wireless Zone Overview
  • Wi-Fi and Cellular Bridges
  • Common Sensor Types
  • Common Sensor Placement: Good, Bad, and Ugly

System Weaknesses

  • Architectural Weaknesses in Alarm Systems
  • Design and Installation Problems
  • Weaknesses and Bypass Methods for Hardwired Zones
  • Weaknesses and Bypass Methods for Wireless Zones
  • Sensor Jamming and Spoofing

Mitigations

  • Proper Installation Guidelines
  • Wireless Zone Risk Reduction Methods
  • Understanding System Weaknesses
  • Preventing Physical Access to Critical Alarm Infrastructure

Pre-requisites

  • No prior alarm or hardware experience is necessary
  • Students should bring a laptop or notebook computer capable of running a VMware image with the necessary tools

Bio

Babak Javadi Security Researcher, Red Team Alliance / The CORE Group

Coming soon

Drew Porter , Red Team Alliance / Red Mesa

Coming soon

Return to training sessions