Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ Recolector de Cienci...arrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
Recolector de Ciencia Abierta, RECOLECTA
Master thesis . 2018
License: CC BY NC ND
Data sources: Recolector de Ciencia Abierta, RECOLECTA
image/svg+xml Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao Closed Access logo, derived from PLoS Open Access logo. This version with transparent background. http://commons.wikimedia.org/wiki/File:Closed_Access_logo_transparent.svg Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao
Recolector de Ciencia Abierta, RECOLECTA
Master thesis . 2018
License: CC BY NC ND
Data sources: Recolector de Ciencia Abierta, RECOLECTA
 View all 2 versions
Claim

Pruebas de seguridad en implementaciones 802.11k/v

descriptionPublicationkeyboard_double_arrow_right Master thesis 01 Jan 2018 Spain Publisher:Universitat Oberta de Catalunya
Authors: Contreras Albesa, Javier;

handle: 10609/81687

Pruebas de seguridad en implementaciones 802.11k/v

Abstract

Este trabajo tiene como finalidad crear bancos de prueba pruebas contra diferentes implementaciones de 802.11k/v en productos comerciales basados en los sistemas operativos Android y Apple IOS, con el fin de detectar fallos de seguridad Para realizar las pruebas se realizaron capturas de tramas en los protocolos de interés, para luego crear diferentes bancos de validación que permitieran enviar tramas simuladas con diferentes violaciones de los protocolos, buscando un fallo en el dispositivo, por ejemplo, desconexiones o reinicios. Dentro de las pruebas realizadas, no fue posible obtener fallos consistentes en ninguna de las implementaciones sujetas a validación. Los resultados conllevan a proponer futuros bancos de prueba más sofisticados que permitan interferir de forma más controlada sobre la máquina de estado de los diferentes dispositivos. Dada la carencia de protección de tramas en las implementaciones actuales, se presupone que existe un riesgo de seguridad que podría ser abusado, y que podría ser encontrado con las pruebas adecuadas.

Aquest treball té com a finalitat crear bancs de prova proves contra diferents implementacions de 802.11k/v en productes comercials basats en els sistemes operatius Android i Apple IOS, amb la finalitat de detectar fallades de seguretat. Per realitzar les proves es van realitzar captures de trames en els protocols d'interès, per després crear diferents bancs de validació que permetessin enviar trames simulades amb diferents violacions dels protocols, buscant una fallada en el dispositiu, per exemple, desconnexions o reinicis. Dins de les proves realitzades, no va ser possible obtenir fallades consistents en cap de les implementacions subjectes a validació. Els resultats comporten a proposar futurs bancs de prova més sofisticats que permetin interferir de forma més controlada sobre la màquina d'estat dels diferents dispositius. Donada la manca de protecció de trames en les implementacions actuals, es pressuposa que existeix un risc de seguretat que podria ser abusat, i que podria ser trobat amb les proves adequades.

This research was done with the objective of creating different test banks against commercial implementations of 802.11k and 802.11v like Android and Apple IOS, looking for possible security vulnerabilities. The creation of test banks were based on collected frames used around the protocols of interest, modifying them to create a set of spoofed frames under control, simulating different protocol violations, looking to create failures like disconnections or resets. As result of the different tests, it was not possible to obtain a consistent failure point on any of the implementations under analysis. The results provide a basis to propose future test banks with more sophisticated state machine control, in order to perform a more controlled impact into the implementations under test. Given the lack of protection on most of the analyzed protocol frames, we can assume that possible security risks should exist waiting to be found with additional testing.

Country
Spain
Related Organizations
Keywords

Internet of things, internet de las cosas, internet de les coses, Seguridad informática -- TFM, implementacions, implementations, implementaciones, Seguretat informàtica -- TFM, seguretat informàtica, Computer security -- TFM, seguridad informática, computer security

  • BIP!
    Impact byBIP!
    selected citations
    These citations are derived from selected sources.
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 0
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    		 Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 Average
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    		 Average
Powered by OpenAIRE graph
Found an issue? Give us feedback
selected citations
These citations are derived from selected sources.
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
0
Average
Average
Average
Green