11 |
Security Auditing and Testing of two Android Client-Server Applications
Engström Ericsson, Matilda, January 2020
How secure is your application? How can you evaluate if it is secure? The threats are many and may be hard to find. In a world where things are more and more automated, how does manual labour contribute to security auditing applications? This study aims to assess two proof of concept Android client-server applications, developed by students to suit the needs of a fictitious Police Department and Fire Department, respectively. The approach is unconventional yet supported by well-established theory. The gist of a vulnerability assessment methodology initially developed to assess the security of middleware is followed and applied to the entire architecture of these client-server applications. How the manual labour contributed to the end results, in comparison to the use of automated tools and a list of known threats, is then evaluated. It is concluded that the applications encompass multiple of the Open Web Application Security Project (OWASP) Top 10 Mobile Risks and that automated tools find most of those vulnerabilities. However, relying on automation may lead to a false sense of security, which in effect may cause developers to lose understanding of why vulnerabilities occur and how they should be mitigated. Understanding how the design and architecture of the application influence its security is key. As of Android 9.0+, default is that applications use SSL encrypted communication. Only 40% of Android users are in 2020 affected by this change according to Android studio developer information, leaving a majority of users unaware of if or how their data is being protected, also observed in analysis results from this thesis work. One should consider if or how to inform users of how their data is being handled, not only in newer Android versions or regarding SSL communication. This work also shows that developers' decisions may be greatly affected by time-pressed situations, which is reflected upon in the last chapter.
Another important finding was that the third-party software Sinch, which enabled the use of voice and video communication in one of the applications, sent IP addresses and usernames of the users in clear text during the binding request, when the Session Traversal Utilities for NAT (STUN) protocol was used.
|
12 |
The Impact of Cyberattacks on Safe and Efficient Operations of Connected and Autonomous Vehicles
McManus, Ian Patrick, 01 September 2021
The landscape of vehicular transportation is quickly shifting as emerging technologies continue to increase in intelligence and complexity. From the introduction of Intelligent Transportation Systems (ITS) to the quickly developing field of Connected and Autonomous Vehicles (CAVs), the transportation industry is experiencing a shift in focus. A move to more autonomous and intelligent transportation systems brings with it a promise of increased equity, efficiency, and safety. However, one aspect that is overlooked in this shift is cybersecurity.
As intelligent systems and vehicles have been introduced, a large amount of research has been conducted showing vulnerabilities in them. With a new connected transportation system emerging, a multidisciplinary approach will be required to develop a cyber-resilient network. Ensuring protection against cyberattacks and developing a system that can handle their consequences is a key objective moving forward. The first step to developing this system is understanding how different cyberattacks can negatively impact the operations of the transportation system.
This research aimed to quantify the safety and efficiency impacts of an attack on the transportation network. To do so, a simulation was developed using Veins software to model a network of intelligent intersections in an urban environment. Vehicles communicated with Road-Side Units (RSUs) to make intersection reservations – effectively simulating a CAV vehicle network. Denial of Service (DoS) and Man in the Middle (MITM) attacks were simulated by dropping and delaying vehicles' intersection reservation requests, respectively. Attacks were modeled with varying degrees of severity by changing the number of infected RSUs in the system and their attack success rates.
Data analysis showed that severe attacks, either from a DoS or MITM attack, can have significant impact on the transportation network's operations. The worst-case scenario for each introduced an over 20% increase in delay per vehicle. The simulation showed also that increasing the number of compromised RSUs directly related to decreased safety and operational efficiency. Successful attacks also produced a high level of variance in their impact. One other key finding was that a single compromised RSU had very limited impact on the transportation network.
These findings highlight the importance of developing security and resilience in a connected vehicle environment. Building a network that can respond to an initial attack and prevent an attack's dissemination through the network is crucial in limiting the negative effects of the attack. If proper resilience planning is not implemented for the next generation of transportation, adversaries could cause great harm to safety and efficiency with relative ease. The next generation of vehicular transportation must be able to withstand cyberattacks to function. Understanding their impact is a key first step for engineers and planners on the long road to ensuring a secure transportation network.
/ Master of Science /
The landscape of transportation is quickly shifting as transportation technologies continue to increase in intelligence and complexity. The transportation industry is shifting its focus to Connected and Autonomous Vehicles (CAVs). The move to more autonomous and intelligent transportation systems brings with it a promise of increased transportation equity, efficiency, and safety. However, one aspect that is often overlooked in this shift is cybersecurity.
As intelligent systems and vehicles have been introduced, a large amount of research has been conducted showing cyber vulnerabilities in them. With a new connected transportation system emerging, a multidisciplinary approach will be required to prevent and handle attacks. Ensuring protection against cyberattacks is a key objective moving forward. The first step to developing this system is understanding how different cyberattacks can negatively impact the operations of the transportation system.
This research aimed to measure the safety and efficiency impacts of an attack on the transportation network. To do so, a simulation was developed to model an intelligent urban road network. Vehicles made reservations at each intersection they passed – effectively simulating an autonomous vehicle network. Denial of Service (DoS) and Man in the Middle (MITM) attacks were simulated by dropping and delaying vehicles' intersection reservation requests, respectively. These cyberattacks were modeled with varying degrees of severity to test the different impacts on the transportation network.
Analysis showed that severe attacks can have significant impact on the transportation network's operations. The worst-case scenario for each attack introduced an over 20% increase in delay per vehicle. The simulation showed also that increasing the number of attacked intersections directly related to decreased safety and operational efficiency. Successful attacks also produced a high level of variance in their impact. One other key finding was that a single compromised RSU had very limited impact on the transportation network.
These findings highlight the importance of developing security and resilience in a connected vehicle environment. Building a transportation network that can respond to an initial attack and prevent it from impacting the entire network is crucial in limiting the negative effects of the attack. If proper resilience planning is not implemented for CAVs, hackers could cause great harm to safety and efficiency with relative ease. The next generation of vehicular transportation must be able to withstand cyberattacks to function. Understanding their impact is a key first step for engineers and planners on the long road to ensuring a secure transportation network.
|
13 |
Penetration testing of Sesame Smart door lock / Penetrationstest av Sesame Smart dörrlås
Liu, Shuyuan, January 2023
The Internet of things (IoT) device has been widely used in various fields, and its market is expanding rapidly. However, the growing usage of IoT devices also brings more security concerns. The smart door lock is one of the smart home IoT devices that need to be designed securely. This thesis work aims to evaluate and investigate the security aspect of the newest smart door lock. This thesis first provides an introduction and background of penetration testing and creates the threat model. Based on the threat model, some tests are conducted, including state consistency, Man-In-The-Middle (MITM) attack, replay attack, reverse engineering, GPS spoofing, Denial of service (DoS) attack. The result indicates that penetration tests reveal some security problems on the tested device, especially in the access log, traffic between application and server, and the ability of resistance disruption on the WiFi access point.
|
14 |
Vulnerabilities in SNMPv3
Lawrence, Nigel Rhea, 10 July 2012
Network monitoring is a necessity for both reducing downtime and ensuring
rapid response in the case of software or hardware failure. Unfortunately, one of the
most widely used protocols for monitoring networks, the Simple Network Management
Protocol (SNMPv3), does not offer an acceptable level of confidentiality or integrity
for these services. In this paper, we demonstrate two attacks against the most current
and secure version of the protocol with authentication and encryption enabled. In
particular, we demonstrate that under reasonable conditions, we can read encrypted
requests and forge messages between the network monitor and the hosts it observes.
Such attacks are made possible by an insecure discovery mechanism, which allows
an adversary capable of compromising a single network host to set the keys used by
the security functions. Our attacks show that SNMPv3 places too much trust on the
underlying network, and that this misplaced trust introduces vulnerabilities that can
be exploited.
|
15 |
thesis.pdf
Jianliang Wu (15926933), 30 May 2023
Bluetooth is the de facto standard for short-range wireless communications. Besides Bluetooth Classic (BC), Bluetooth also consists of Bluetooth Low Energy (BLE) and Bluetooth Mesh (Mesh), two relatively new protocols, paving the way for its domination in the era of IoT and 5G. Meanwhile, attacks against Bluetooth, such as BlueBorne, BleedingBit, KNOB, BIAS, and BThack, have been booming in the past few years, impacting the security and privacy of billions of devices. These attacks exploit both design issues in the Bluetooth specification and vulnerabilities of its implementations, allowing for privilege escalation, remote code execution, breaking cryptography, spoofing, device tracking, etc.

To secure Bluetooth, researchers have proposed different approaches for both Bluetooth specification (e.g., formal analysis) and implementation (e.g., fuzzing). However, existing analyses of the Bluetooth specification and implementations are either done manually, or the automatic approaches only cover a small part of the targets. As a consequence, current research is far from complete in securing Bluetooth.

Therefore, in this dissertation, we propose the following research to provide missing pieces in prior research toward completing Bluetooth security research in terms of both Bluetooth specification and implementations. (i) For Bluetooth security at the specification level, we start from one protocol in Bluetooth, BLE, and focus on the previously unexplored reconnection procedure of two paired BLE devices. We conduct a formal analysis of this procedure defined in the BLE specification to provide security guarantees and identify new vulnerabilities that allow spoofing attacks. (ii) Besides BLE, we then formally verify other security-critical protocols in all Bluetooth protocols (BC, BLE, and Mesh). We provide a comprehensive formal analysis by covering the aspects that prior research fails to include (i.e., all possible combinations of protocols and protocol configurations) and considering a more realistic attacker model (i.e., semi-compromised device). With this model, we are able to rediscover five known vulnerabilities and reveal two new issues that affect BC/BLE dual-stack devices and Mesh devices, respectively. (iii) In addition to the formal analysis of specification security, we propose and build a comprehensive formal model to analyze Bluetooth privacy (i.e., device untraceability) at the specification level. In this model, we convert device untraceability into a reachability problem so that it can be verified using existing tools without introducing false results. We discover four new issues allowed in the specification that can lead to eight device tracking attacks. We also evaluate these attacks on 13 Bluetooth implementations and find that all of them are affected by at least two issues. (iv) At the implementation level, we improve Bluetooth security by debloating (i.e., removing code) Bluetooth stack implementations, which differs from prior automatic approaches, such as fuzzing. We keep only the code of needed functionality by a user and minimize their Bluetooth attack surface by removing unneeded Bluetooth features in both the host stack code and the firmware. Through debloating, we can remove 20 known CVEs and prevent a wide range of attacks against Bluetooth. With the research presented in this thesis, we improve Bluetooth security and privacy at both the specification and implementation levels.
|
16 |
A Comprehensive Taxonomy of Attacks and Mitigations in IoT Wi-Fi Networks : physical and data-link layer
Almjamai, Sarmed, January 2022
The number of Internet of Things (IoT) devices is rising and Wireless Fidelity (Wi-Fi) networks are still widely used in IoT networks. Security protocols such as Wi-Fi Protected Access 2 (WPA2) are still in use in most Wi-Fi networks, but Wi-Fi Protected Access 3 (WPA3) is making its way as the new security standard. These security protocols are crucial in Wi-Fi networks with energy and memory-constrained devices because of adversaries that could breach confidentiality, integrity, and availability of networks through various attacks. Many research papers exist on single Wi-Fi attacks, and the strengths and weaknesses of security protocols and Wi-Fi standards. This thesis aims to provide a detailed overview of Wi-Fi attacks and corresponding mitigation techniques against IoT Wi-Fi networks in a comprehensive taxonomy. In addition, tools are mentioned for each Wi-Fi attack that allow, e.g., professionals or network administrators to test the chosen Wi-Fi attacks against their IoT networks. Four types of attack (categories) were defined: Man-in-the-Middle (MitM), Key-recovery, Traffic Decryption, and Denial of Service (DoS) attacks. A set of Wi-Fi attack features were defined and described. The features included the security protocol and security mode, the layer (physical or data-link) that an attack targets, and the network component interaction required to allow a Wi-Fi attack to execute successfully. In total, 20 Wi-Fi attacks were selected with relevance to IoT in Wi-Fi networks based on some criteria. Additionally, each Wi-Fi attack consists of a description of possible consequences/results an adversary can achieve, such as eavesdropping, data theft, key recovery, and many more. Flow charts were also added to give the reader a visual perspective on how an attack works. As a result, tables were created for each relevant security protocol and the Open Systems Interconnection (OSI) layers to create an overview of mitigations and available tools for each attack. Furthermore, WPA3 was discussed on how it solves some shortcomings of WPA2 but has vulnerabilities of its own that lie in the design of the 4-way and dragonfly handshake itself. In conclusion, development and proper vulnerability tests on the Wi-Fi standards and security protocols have to be conducted to improve and reduce the possibility of current and upcoming vulnerabilities.
|
17 |
Odposlech moderních šifrovaných protokolů / Interception of Modern Encrypted Protocols
Marček, Ján, January 2012
This thesis deals with the introduction to the security mechanism. The procedure explains the basic concepts, principles of cryptography and security of modern protocols and basic principles that are used for information transmission network. The work also describes the most common types of attacks targeting the eavesdropping of communication. The result is a design of the eavesdropping and the implementation of an attack on the secure communication of the SSL protocol. The attacker uses a false certificate and attacks based on poisoning the ARP and DNS tables for this purpose. The thesis discusses the principles of the SSL protocol and methodology of attacks on the ARP and DNS tables.
|