Global ETD Search

21	Pentesting on a WiFi Adapter : Afirmware and driver security analysis of a WiFi Adapter, with a subset of WiFi pentesting / Pentesting på en WiFi Adapter : En firmware och drivrutin säkerhetsundersökning av en WiFi Adapter med en delmäng av WiFi pentesting Henning, Johan January 2023 (has links) Simple IoT devices such as WiFi adapters have the possibility of containing vulnerabilities because of the vast complexity of parsing and implementing the IEEE 802.11 standard correctly. Many of these adapters contain specific and obscure CPU archetypes, making it difficult to assess their security on the firmware from an ethical hacking standpoint. This thesis aims to identify and report possible vulnerabilities, bugs or exploits in the seemingly unexplored chipset called rtl8188eus from Realtek and its corresponding drivers and firmware within the given limitations. The methods used to assess the security of the adapter are based on the Pentesting standard, STRIDE model and corresponding OWASP lists. Several approaches were attempted to analyse the firmware for potential weaknesses, but all attempts were unsuccessful. Other approaches, such as dynamic testing, gave more promising results. One finding from the dynamic testing resulted in a Linux kernel crash through the WiFi adapter which was made possible with only two types of WiFi frames. / Enkla IoT produkter som WiFi adapters har möjligheten att innehålla sårbarheter på grund av det är svårt att implementera de komplexa IEEE 802.11 standarden korrekt. Många av dessa adapters innehåller simpla men okända processorarketyper, vilket gör det svårt att validera deras säkerhet på det firmware som används i ett etiskt hackning synpunkt. Detta examensarbete mål är att identifiera och rapportera möjliga sårbarheter eller buggar i den till synes outforskade chipsetet kallad rtl8188eus från Realtek, dess motsvarande drivrutiner och firmware inom de givna begränsningarna. Metoderna som används för att bedöma adapterns säkerhet är baserade på Pentesting-standarden, STRIDE-modellen och motsvarande OWASP-listor. Flera metoder försökte analysera firmwaret för potentiella svagheter, men alla försök misslyckades. Andra tillvägagångssätt, såsom dynamisk testning, gav mer lovande resultat. Ett fynd från det dynamiska testet resulterade i en Linux kernel krasch genom WiFi-adaptern som möjliggjordes med endast två typer av WiFi frames. Firmware Drivers WiFi Ethical Hacking Penetration Testing. Firmware Drivrutiner WiFi Etisk Hackning Penetration Testing. Computer Sciences Datavetenskap (datalogi)
22	Prestandautvärdering av firmwares baserade på öppen källkod för routrar/brandväggar på MIPS-arkitektur : Jämförelse mellan Open-WRT, DD-WRT och Tomato firmware Alm, Anton, Björling, Joakim January 2014 (has links) Den här undersökningen jämför prestanda hos tre olika firmwares som är baserade på öppen källkod. DD-WRT, Open-WRT samt Tomato Firmware för MIPS-arkitektur. Testerna följer två RFC som beskriver hur en prestandaanalys av ett nätverk ska genomföras. De sammanfattade resultaten pekar på en vinnare som presterat generellt bättre genom alla tester och det var Tomato firmware. Dessa resultat är hämtade från tre olika tester: genomströmningstest, svarstidstest och test med samtidiga sessioner. Undersökningen visar också att prestandan rent generellt är väldigt jämlik över alla firmwares i de olika testerna. En viktig aspekt är att det finns ingen överlägsen vinnare, vilket beror på, till exempel, hur konsekventa resultaten varit. Detta hänger även ihop med en möjlig slutsats där firmwaresen presterar olika bra beroende på vilken typ av uppgift det gäller. Som fortsatt arbete rekommenderas prestanda och funktionsanalys av liknande verktyg som varje firmware innehåller. Även en undersökning gällande gränssnittet för varje firmware skulle vara intressant. / This investigation compares the performance of three different open-source firmwares. DD-WRT, Open-WRT and Tomato Firmware with MIPS architecture. The test follows two RFC that describes the process of how to perform a performance analysis of network interconnected devices. The summarized results show a winner which has generally performed better throughout all the tests and this was Tomato firmware. These results are gathered from three different tests, which is throughput, latency and concurrent sessions test. The survey also shows that the performance in general is very equal across all firmwares in the various tests. An important aspect is that there are no outstanding winner, which depends on for example how consistent the results have been. This also concerns a possible conclusion where the firmwares perform various well depending on the type of task involved. As further work on this investigation we recommend a performance and function analysis of the tools that the firmware contains. Although a survey of the interface for each firmware would be interesting. Performance evaluation MIPS Open-Source DD-WRT Open-WRT Tomato firmware Router MIPS Öppen källkod DD-WRT Open-WRT Tomato-firmware Router
23	Enhancing availability in large scale storage systems and services: architectures and techniques Seshadri, Sangeetha 04 May 2009 (has links) Enterprises today are dealing with extremely large amounts of critical digital information that continues to grow at an astonishing rate. On the other hand, storage software (firmware, middleware) and systems are becoming much more complex and existing failure recovery mechanisms are insufficient to handle the scale of these systems while meeting high availability and service quality expectations. In addition, the concurrent development and quality assurance processes, the large number of test scenarios and the large scale of these systems and services imply that failures will be the norm rather than the exception. Therefore achieving high availability and reliability in storage systems remains a major concern and an open research challenge. Most existing work in the domain of storage system availability addresses failures of the storage media (such as disks) and recoverability from these failures. However, failures at the firmware and middleware layers remain largely unaddressed. This dissertation research addresses these challenges in depth across different storage architectures. Concretely, we make the following contributions: First, we develop a recovery conscious framework for multi-core architectures and a suite of techniques for performing efficient fine-grained recovery (micro-recovery) in storage controller firmware that can be retrofitted into legacy code. The framework includes a task-level recovery mechanism, the Log(Lock) architecture that allows system state restoration during micro-recovery, and recovery-conscious scheduling algorithms that are designed to reduce the ripple effect of failure and improve recovery efficiency and system availability. Our second technical contribution addresses the storage middleware availability. We develop the notion of hierarchical middleware architectures by organizing critical cluster management services into a hierarchical overlay network, which separates persistent application state from global system control state and demonstrate significant improvement in the availability and reliability of enterprise scale storage systems. In addition, we develop the notion of operator reuse and a suite of reuse techniques to improve data availability. The key idea of operator reuse is to efficiently utilize system resources by exploiting reuse opportunities in both operators and persistent state of computing nodes. We demonstrate our design through STREAMREUSE, a reuse-conscious store-forward network of storage nodes, which offers distributed stream query processing services. Query optimization Software recovery Middleware Firmware Stream processing systems Storage systems High-availability architectures Data libraries Data warehousing Middleware Computer firmware Data recovery (Computer science)
24	Security Enhanced Firmware Update Procedures in Embedded Systems Abrahamsson, David January 2008 (has links) Many embedded systems are complex, and it is often required that the firmware in these systems are updatable by the end-user. For economical and confidentiality reasons, it is important that these systems only accept firmware approved by the firmware producer. This thesis work focuses on creating a security enhanced firmware update procedure that is suitable for use in embedded systems. The common elements of embedded systems are described and various candidate algorithms are compared as candidates for firmware verification. Patents are used as a base for the proposal of a security enhanced update procedure. We also use attack trees to perform a threat analysis on an update procedure. The results are a threat analysis of a home office router and the proposal of an update procedure. The update procedure will only accept approved firmware and prevents reversion to old, vulnerable, firmware versions. The firmware verification is performed using the hash function SHA-224 and the digital signature algorithm RSA with a key length of 2048. The selection of algorithms and key lengths mitigates the threat of brute-force and cryptanalysis attacks on the verification algorithms and is believed to be secure through 2030. Secure firmware update threat analysis embedded security embedded systems Säker uppdatering hotanalys säkerhet inbyggda system firmware mjukvara Computer and Information Sciences Data- och informationsvetenskap
25	System for firmware verification Nilsson, Daniel January 2009 (has links) <p>Software verification is an important part of software development and themost practical way to do this today is through dynamic testing. This reportexplains concepts connected to verification and testing and also presents thetesting-framework Trassel developed during the writing of this report.Constructing domain specific languages and tools by using an existinglanguage as a starting ground can be a good strategy for solving certainproblems, this was tried with Trassel where the description-language forwriting test-cases was written as a DSL using Python as the host-language.</p> software verification unit-testing domain specific languages embedded platform firmware testing framework Computer science Datavetenskap
26	Enhancing availability in large scale Seshadri, Sangeetha. January 2009 (has links) Thesis (Ph.D)--Computing, Georgia Institute of Technology, 2009. / Committee Chair: Ling Liu; Committee Member: Brian Cooper; Committee Member: Calton Pu; Committee Member: Douglas Blough; Committee Member: Karsten Schwan. Part of the SMARTech Electronic Thesis and Dissertation Collection.
27	Design and development of an automated regression test suite for UEFI Saadat, Huzaifa 20 January 2015 (has links) (PDF) Unified Extensible Firmware Interface (UEFI) is an industry standard for implementing the basic firmware in the computers. This standard replaces BIOS. A huge amount of C code has been written for the implementation of UEFI. Yet there has been a very little focus on testing UEFI code. The thesis shows how the industry can perform a meaningful testing of UEFI. Spanning the test coverage with the help of test tools over all UEFI phases is a key objective. Moreover, techniques such as Test Driven Development and source code analysis are explained in terms of UEFI to make sure the bugs are minimized in the first place. The results show that the usage of test and analysis tools point to a large number of issues. Some of these issues can be fixed at a very early stage in the Software Development Life Cycle. For this reason the developers and testers should be convinced that they need to focus on testing UEFI from a software perspective. UEFI Versuch Eingebettete Systeme Testen UEFI Testing Firmware Embedded systems ddc:004 Versuch Testen Eingebettetes System
28	Agile Project Management Challenges : Analyzing and Exploring Agile Project Management Challenges from a Practitioner Perspective: A case study on HMS Mohan, Aneesha January 2018 (has links) No description available. Agile project management challenges barriers transition adoption firmware development software development scrum SME. Business Administration Företagsekonomi
29	System for firmware verification Nilsson, Daniel January 2009 (has links) Software verification is an important part of software development and themost practical way to do this today is through dynamic testing. This reportexplains concepts connected to verification and testing and also presents thetesting-framework Trassel developed during the writing of this report.Constructing domain specific languages and tools by using an existinglanguage as a starting ground can be a good strategy for solving certainproblems, this was tried with Trassel where the description-language forwriting test-cases was written as a DSL using Python as the host-language. software verification unit-testing domain specific languages embedded platform firmware testing framework Computer Sciences Datavetenskap (datalogi)
30	Comparison in functionality between a closed and two open source distributions in a router Carlsson, Jacob January 2016 (has links) With open source router firmware being used for various tasks that would be hard to achieve for the standard closed source router firmware, it is important to compare the two in terms of performance. This study aimed to study the differences in performance between open source router firmware and that of closed source router firmware. In addition to have measured bandwidth, packet loss and response time has also been measured in order to make it easier for companies/people to make informed decisions regarding whether to use open source router firmware or not. To further help with decision making, a qualitative study was made to gather data regarding how easy each firmware is to configure and how secure they are. There were some larger differences between the open source router firmware and that of the closed source router firmware. The closed source router firmware performed better when it came to bandwidth, whereas the open source firmware got better response time and overall better stability. Open source Closed source Router Firmware Performance Bandwidth Computer and Information Sciences Data- och informationsvetenskap

Search results