Exploiting Buffer Overflow Vulnerabilities in Software Defined Radios
As wireless systems are becoming more complex, there is a shift towards implementing these systems completely in software and firmware rather than hardware. Software defined radios allow for quickly prototyping, testing, and deployment of flexible systems that can be upgraded in the field. However,...
Gespeichert in:
| Veröffentlicht in: | 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) S. 1921 - 1927 |
|---|---|
| Hauptverfasser: | , , |
| Format: | Tagungsbericht |
| Sprache: | Englisch |
| Veröffentlicht: |
IEEE
01.07.2018
|
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Abstract | As wireless systems are becoming more complex, there is a shift towards implementing these systems completely in software and firmware rather than hardware. Software defined radios allow for quickly prototyping, testing, and deployment of flexible systems that can be upgraded in the field. However, since these systems are implemented in software, common coding mistakes in the signal processing modules can leave these systems vulnerable to traditional cyber-security attacks. As software radios become more prevalent in the industry, the risk of these vulnerabilities existing and being exploited in production systems increases significantly. In many cases, wireless security research is focused on the security of specific protocols rather than vulnerabilities in the radios themselves. Our research focuses specifically on these vulnerabilities that can exist in an implementation. We present two different examples of buffer overflow vulnerabilities in the link-layer processing blocks of a GNU Radio waveform. Both of these examples are based on poorly designed implementations and incorrect assumptions concerning the maximum possible length of a received message. By exploiting these vulnerabilities, we were able to successfully demonstrate persistent denial-of-service attacks and also the ability to remotely execute malicious code on the target. While a better implementation would solve these specific issues, these are examples of common programming mistakes that leave the system vulnerable to attack and can be easily overlooked during development. |
|---|---|
| AbstractList | As wireless systems are becoming more complex, there is a shift towards implementing these systems completely in software and firmware rather than hardware. Software defined radios allow for quickly prototyping, testing, and deployment of flexible systems that can be upgraded in the field. However, since these systems are implemented in software, common coding mistakes in the signal processing modules can leave these systems vulnerable to traditional cyber-security attacks. As software radios become more prevalent in the industry, the risk of these vulnerabilities existing and being exploited in production systems increases significantly. In many cases, wireless security research is focused on the security of specific protocols rather than vulnerabilities in the radios themselves. Our research focuses specifically on these vulnerabilities that can exist in an implementation. We present two different examples of buffer overflow vulnerabilities in the link-layer processing blocks of a GNU Radio waveform. Both of these examples are based on poorly designed implementations and incorrect assumptions concerning the maximum possible length of a received message. By exploiting these vulnerabilities, we were able to successfully demonstrate persistent denial-of-service attacks and also the ability to remotely execute malicious code on the target. While a better implementation would solve these specific issues, these are examples of common programming mistakes that leave the system vulnerable to attack and can be easily overlooked during development. |
| Author | Clancy, T. Charles Fowler, M. Hitefield, S. D. |
| Author_xml | – sequence: 1 givenname: S. D. surname: Hitefield fullname: Hitefield, S. D. organization: Virginia Tech, Hume Center for National Security and Technology, Blacksburg, VA – sequence: 2 givenname: M. surname: Fowler fullname: Fowler, M. organization: Virginia Tech, Hume Center for National Security and Technology, Blacksburg, VA – sequence: 3 givenname: T. Charles surname: Clancy fullname: Clancy, T. Charles organization: Virginia Tech, Hume Center for National Security and Technology, Blacksburg, VA |
| BookMark | eNotjMtOwzAQAI0EByj9Ai6WOKf4EcfrI4RQkCpV4nWN1vUaWUqTykkp_XsQcJk5jDQX7LQfemLsWoqFlMLd1EdPeYtT2oytEhIWvxBCSzhhc2dBGg2Vddboc9Y0X7tuSFPqP_jdPkbKfP1JOXbDgb_vu54y-tT9dBp56vnLEKcDZuL3FFNPgT9jSMN4yc4idiPN_z1jbw_Na_1YrNbLp_p2VSRpzVSgEpVEGbSzJZDXAQQoCM4qLNEZ9CZaqch7CSBiKbCy6KIoTXBAeqP0jF39fRMRtbuctpiPLVhVGaf0N7vFTHc |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/Cybermatics_2018.2018.00318 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE/IET Electronic Library IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9781538679753 1538679752 |
| EndPage | 1927 |
| ExternalDocumentID | 8726592 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IL CBEJK RIE RIL |
| ID | FETCH-LOGICAL-i175t-a2061a1d39748eb3d80828d972a4a95ab5f712ebb1880f40a67a9f045d98e3c23 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 3 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000481634500282&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Thu Jun 29 18:39:06 EDT 2023 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i175t-a2061a1d39748eb3d80828d972a4a95ab5f712ebb1880f40a67a9f045d98e3c23 |
| PageCount | 7 |
| ParticipantIDs | ieee_primary_8726592 |
| PublicationCentury | 2000 |
| PublicationDate | 2018-July |
| PublicationDateYYYYMMDD | 2018-07-01 |
| PublicationDate_xml | – month: 07 year: 2018 text: 2018-July |
| PublicationDecade | 2010 |
| PublicationTitle | 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) |
| PublicationTitleAbbrev | ITHINGS |
| PublicationYear | 2018 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| Score | 1.6784027 |
| Snippet | As wireless systems are becoming more complex, there is a shift towards implementing these systems completely in software and firmware rather than hardware.... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 1921 |
| SubjectTerms | Communication system security Communications System Security Computer Security Hardware Security Signal processing Software Software radio Wireless communication |
| Title | Exploiting Buffer Overflow Vulnerabilities in Software Defined Radios |
| URI | https://ieeexplore.ieee.org/document/8726592 |
| WOSCitedRecordID | wos000481634500282&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LTwIxEJ4AMcaTGjC-00SPrkC3u-1eRYgHg8QH4Ub6mCabkF0CrMR_b1sIevDireml6fTxzbTffANwS6lAppBF7jBhxEzMItlJbaSZ0jFaqzpBZ3v8zIdDMZlkoxrc7XJhEDGQz_DeN8Nfvil15Z_K2oJT_wtYhzrn6SZXax9utrKZ7d6XwuDm6eXUwVrgbXmiZOwLevwqnRKQY3D4vzGPoPWTgkdGO3A5hhoWTegHxlzumcrkofKVTciL24p2Vq7JuJp5AenAdXXRL8kL8uau2LVcIHlE65xJQ16lyctlCz4G_ffeU7StgxDlDtxXkaQOdGXXONeBCRf8GuF150zGqWQyS6RKLO9SVMprq1nWkSmXmXW-mskExprGJ9AoygJPgVjUKeeJzpTwwndMxdwFcIZ1_QNbksVn0PQmmM43UhfT7ezP_-6-gANv4w179RIaq0WFV7CnP1f5cnEd1ucbESeUAw |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LTwIxEJ4gGvWkBoxvm-jR1aXbZXevIgQjIlEk3DZ9TJNNyK4BVuK_ty0EPXjx1vTSdPr4ZtpvvgG4pjRGJpB55jChx1TAPO43tSeZkAFqLXynsz3qRf1-PB4ngwrcrHNhENGRz_DWNt1fvipkaZ_K7uKI2l_ADdgMGaP-MltrG65Wwpl3rS-BztGTs9QAm2NuWapkYEt6_Cqe4rCjs_e_Ufeh_pOERwZreDmACuY1aDvOXGa5yuS-tLVNyIvZjHpSLMionFgJacd2NfEvyXLyZi7ZBZ8ieUBt3ElFXrnKilkd3jvtYavrrSoheJmB97nHqYFd3lDGeWCxCX9VbJXnVBJRzngSchHqqEFRCKuuppnPmxFPtPHWVBJjIGlwCNW8yPEIiEbZjKJQJiK20ndMBJEJ4RRr2Ce2MAmOoWZNkH4sxS7S1exP_u6-hJ3u8LmX9h77T6ewa-295LKeQXU-LfEctuTnPJtNL9xafQPzkJdK |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2018+IEEE+International+Conference+on+Internet+of+Things+%28iThings%29+and+IEEE+Green+Computing+and+Communications+%28GreenCom%29+and+IEEE+Cyber%2C+Physical+and+Social+Computing+%28CPSCom%29+and+IEEE+Smart+Data+%28SmartData%29&rft.atitle=Exploiting+Buffer+Overflow+Vulnerabilities+in+Software+Defined+Radios&rft.au=Hitefield%2C+S.+D.&rft.au=Fowler%2C+M.&rft.au=Clancy%2C+T.+Charles&rft.date=2018-07-01&rft.pub=IEEE&rft.spage=1921&rft.epage=1927&rft_id=info:doi/10.1109%2FCybermatics_2018.2018.00318&rft.externalDocID=8726592 |