Finished Theses

58 Entries found


TETRA wird im kommerziellen Umfeld zur Kommunikation auf Werksgeländen eingesetzt. Im Behörden-Umfeld wird TETRA von den Organisationen und Behörden mit Sicherheitsausaufgaben (Polizei, Feuerwehr, Rettungsdienst) als primäres Kommunikationsmittel eingesetzt und hat dort den Analogfunk abgelöst. Die Sicherheit wie auch die Ausfallsicherheit dieser Kommunikation ist von größter Wichtigkeit, da darüber Notfälle bearbeitet werden. Das BOS-TETRA System ist vom Entwicklungsstand ca. 2 Jahre hinter den kommerziellen Anwendungen. Jedoch wurden weder kommerzielle noch die behördlichen TETRA-Installationen ausgiebigen öffentlichen Sicherheitsüberprüfungen unterzogen. In dieser Arbeit wurde die interne Kommunikation einer Motorola-Basisstation untersucht und im Anschluss nach Fehlern in der Implementierung gesucht. Die Fehlersuche wurde mittels Fuzzing durchgeführt. Dabei wurde ein Fehler gefunden, der das Base Radio (BR) zum Neustart bringt.

Network Coding has many positives properties that make it especially suitable for Wireless Multihop Networks [1]. Network Coding can be used to increase the effective capacity of the network, by coding (simplest form: bit-wise XOR) together packets of different flows and forwarding them in a single broadcast transmission to their intended receivers, e.g., [2]. It can also be used within a single flow to improve forward error correction (FEC) and, thus, increase transmission reliability, e.g., [3]. Unfortunately, systems based on Network Coding are easy targets for a number of attacks, and even easier to disrupt than protocols based on traditional forwarding [4].

Visible Light Communication (VLC) is a technology that uses light as the communication medium. Light offers a much higher bandwidth than the currently used traditional wireless communication technologies. This combined with the fact that it does not cause electromagnetic interference, makes VLC an ideal candidate to augment Radio Frequency (RF) technology by creating small VLC Private Area Networks (VPAN). Open source Visible Light Communication (OpenVLC) is an open-source project for conducting research in VLC technology. It is based on BeagleBone Black that has a hardware extension attached to it. It offers a Linux driver that can be used to control the hardware that communicates using an LED and a PD. However, the driver has some serious stability issues and design problems. In this thesis, we re-write the device driver for the OpenVLC platform that would implement parts of the IEEE 802.15.7 standard. The primary goal is to make the driver stable, flexible to upgrades, well documented and boosting a proper Medium Access Control (MAC) layer implementation.

Abstract of final thesis:

The Apple Watch provides the ability to automatically unlock a device running macOS when in proximity. The underlying proprietary protocol is called Auto Unlock (AU) and differs from other smart locking techniques. It uses a combination of two wireless technologies: Bluetooth Low Energy (BLE) and IEEE 802.11, to facilitate secure proximity detection. In this work we analyze the protocol by using reverse engineering and dynamic debugging. We show that AU uses both standardized protocols as well as proprietary techniques to implement a secure distance bounding protocol. With this knowledge, we discuss attack vectors and conduct a successful Man-in-the-Middle (MitM) attack on the protocol. Furthermore, we provide a starting point to allow implementations on other platforms by specifying the protocol and establish the foundation for further attacks.

Todays wireless networks are imagined to rely on radio communication. With the emergence of light-emitting diodes (LEDs) for illumination, the possibility arose to modulate light at high frequencies to transmit data, termed as visible light communication (VLC). However, VLC still needs to mature, faces problems as such as portability and thus, is proposed to coexist with ubiquitous Wi-Fi. There is little practice-oriented research on this topic, as VLC in itself is not established and hardware capable of both technologies does not exist. Before hybrid networks can be adopted in commercial products, testbeds are required for development of standards.

In this thesis, VLC hardware from prior works was modified, simulated, and built. With the constructed VLC  channel, measurements of link blockage were carried out. Handover from VLC to Wi-Fi on layer 2 was designed and simulated, based on the previously made measurements. Furthermore, a combined VLC+Wi-Fi testbed was designed based on two software-defined radio (SDR) platforms. The design shows that a testbed can be realized at reasonable effort. In addition, the proposed testbed underlines the wide design space of heterogeneous networks.

Die Übertragung von Informationen mittels sichtbaren Lichtes, auch VLC genannt, ist eine altbekannte Methode. Durch die Fortschritt in der Lampen- und Sensorentechnik ist diese Art der Kommunikation wieder populär geworden. Durch die OpenVLC-Plattform wurde eine günstige Variante vorgestellt, um mit VLC zu experimentieren. Leider war der Treiber veraltet und war für höhere Geschwindigkeiten nicht stabil. Um die Hardware weiter nutzen zu können ist die Implementierung eines neuen Treibers nötig. Im Rahmen dieser Arbeit wird das unteren MAC-Layers eines neuen Treibers implementiert, welches Peer-to-Peer Verbindungen unterstützt, und die Möglichkeit bietet möglichst einfach den Umfang zu erweitern. Dabei wird der von IEEE 802.15.7 veröffentlichte Standard in Betracht gezogen.

Visible light communication describes the wireless transfer of data by using the visible light spectrum. VLC can be used to create small networks which can relieve existing WiFi and mobile networks. Due to

the fact that light does not cause electromagnetic interference it can be used in areas where conventional wireless networks are prohibited or restricted. To enable researchers to conduct experiments with the

VLC technology the OpenVLC project was created. It offers a Linux driver and a hardware extension for the BeagleBone Black. But their driver has severe stability issues and requires an outdated Linux kernel. In this thesis we develop a simple physical layer implementation for the OpenVLC hardware in form or a device driver. It implements parts of the IEEE 802.15.7 standard. Based on the existing implementation from the OpenVLC project we create an updated, more stable and higher performing version. Additionally we document the necessary configuration changes to allow the underlying operating system to deliver higher performance.

To secure the Internet of Things (IoT) while keeping its interoperability with today’s Internet is crucial to unleash the full potential of the IoT. Authentication and Authorization are fundamental guarantees to enable further security and operational challenges. To fulfill these guarantees in complex and diverse scenarios, we propose a solution based on the Authentication and Authorization for Constrained Environments (ACE) Framework, a token-based authorization, and authorization. Our solution, the IPsec profile for ACE, builds on the IPsec protocol suite and the Internet Engineering Task Force (IETF) IoT stack to provide network layer security and IPsec channel establishment based on token provisioning for constrained devices. The Direct Provisioning (DP) of Security Association (SA), symmetric-based authenticated establishment (Internet Key Exchange Protocol version 2 (IKEv2) in Pre-Shared Key (PSK) mode), and asymmetric key-based authenticated establishment (IKEv2 in Certificate-based Public Key (CPK) mode) are specified as ways to establish SAs, i.e., IPsec channels. We provide an implementation for Contiki, an Operating System (OS) for constrained devices such as the Zolertia Firefly. Furthermore, we evaluate our protocol design providing an lower bound for the performance of the profile. The evaluation includes network latency and processing time, energy consumption, memory footprint and packet sizes for the different SA establishment methods. The results provide a benchmark for the different protocol steps as well as aggregated measures for each of the evaluated setups. Our evaluation showed that the DP establishment has the smallest memory footprint and ACE packet size, and at the same time the highest performance. In the other hand, the authenticated establishment featuring IKEv2 in CPK mode, shows the largest memory footprint and packet size, together with the lowest performance of the three SA establishment methods. The trade-off regarding Random Access Memory (RAM) and Read-Only Memory (ROM) footprint, power consumption and network latency and processing time and security guarantees are also described.

Prof. Dr.-Ing. Matthias Hollick

Technische Universität Darmstadt
Department of Computer Science
Secure Mobile Networking Lab 

Mornewegstr. 32 (S4/14)
64293 Darmstadt, Germany

Phone: +49 6151 16-25472
Fax: +49 6151 16-25471

A A A | Drucken Drucken | Impressum Impressum | Sitemap Sitemap | Suche Suche | Kontakt Kontakt | Webseitenanalyse: Mehr Informationen
zum Seitenanfangzum Seitenanfang