The wireless world of today is essential to the everyday life of millions of people. Wireless technology is evolving at a rapid pace that's speed outmatches what the previous testing can handle. This necessitates the need for smarter and faster testing methods. One of the recent fast and efficient testing methods is fuzz testing. Fuzz testing is the generation and injection of unexpected input called "fuzzed" input for a system by slightly changing a base input hundreds or even thousands of times and introducing each change into a system to observe its effects. In this thesis, we developed and implemented a fuzz testing architecture to test 5G wireless system vulnerabilities. The proposed design uses multiple open-source software to create a virtual wireless environment for testing the fuzzed inputs' effects on the wireless attach procedure. Having an accessible and adaptable fuzzing architecture to use with wireless networks will help against malicious parties. Due to 5G simulation technology still being developed and the cost of ready-made 5G testing equipment, the architecture was implemented in an LTE environment using the srsRAN LTE simulation software, the Boofuzz fuzzing software, and Wireshark packet capture software. The results show consistent effects of the fuzz testing on the outputs of the LTE eNB. We also include a discussion of our future suggestions to improve the proposed fuzzing architecture. / Master of Science / The persistence of the cellular network is essential to the everyday life of millions of people. Cell phones and cell towers play an important role in business, communication, and recreation across the globe. The speed of advancements made in phones and cell towers technology is outpacing the speed of security testing, increasing the possibility of system vulnerabilities and unexplored back-doors. To cover the security testing gap, different automated testing models are being researched and developed, one of which is fuzz testing. Fuzz testing is the generation and injection of unexpected input called "fuzzed" input for a system by slightly changing a base input hundreds or even thousands of times and introducing each change into a system to observe its effects. The fuzzing architecture proposed in this thesis is used to test for security flaws in wireless cellular networks. We implemented our fuzz testing model in a simulated 4G cellular network, where the results show the effectiveness of the model on tracing network vulnerabilities. The results of the experiment show consistent effects of the fuzz testing on a wireless system. A discussion of how the proposed model can be further improved for future work is added to the end of this thesis.
Identifer | oai:union.ndltd.org:VTETD/oai:vtechworks.lib.vt.edu:10919/110927 |
Date | 23 June 2022 |
Creators | Mayhew, Stephen Richard |
Contributors | Electrical and Computer Engineering, Reed, Jeffrey H., Wang, Ying, Dietrich, Carl B. |
Publisher | Virginia Tech |
Source Sets | Virginia Tech Theses and Dissertation |
Language | English |
Detected Language | English |
Type | Thesis |
Format | ETD, application/pdf, application/pdf |
Rights | In Copyright, http://rightsstatements.org/vocab/InC/1.0/ |
Page generated in 0.0023 seconds