research-article

A Versatile Emulator of MitM for the identification of vulnerabilities of IoT devices, a case of study: smartphones

Authors:

Mohamed Amine Khelif,

Jordane Lorandel,

Olivier Romain,

Matthieu Regnery,

Denis BaheuxAuthors Info & Claims

ICFNDS '19: Proceedings of the 3rd International Conference on Future Networks and Distributed Systems

Article No.: 28, Pages 1 - 6

https://doi.org/10.1145/3341325.3342019

Published: 01 July 2019 Publication History

Abstract

With the emergence of Internet of Things (IoT) and the proliferation of communicating objects, new security issues appear. These devices store a significant amount of personal and sensitive data that must be strongly protected. In most of the case, they are more protected against communication attacks than hardware attacks. Smartphones, as the most popular connected object, represent the perfect example of study for a hardware attack on PCIe data bus. In this paper, we present an emulator of Man-in-the-Middle (MitM) attack for vulnerabilities identification in IoT devices. The proposed architecture performs a real-time data analysis, extraction and fault injection. The invisibility of MitM attack represent the main challenge of the implementation, that could be done by respecting the highly constraining requirements of the PCIe protocol such as response time, frequency and throughput.

References

[1]

Ramtin Amin. 2019. Demystifying the i-Device NVMe NAND (New storage used by Apple). Online, https://ramtin-amin.fr/.

[2]

Apple. 2018. iOS Security iOS 12.1. Technical Report. Apple Inc.

[3]

Adam Bauer. 2019. Lookout discovers phishing sites distributing new iOS and Android surveillanceware. Online, https://blog.lookout.com/esurv-research.

[4]

Matt Brian. 2011. DroidKungFu Android malware steals sensitive data, avoids anti-virus detection. Online, https://thenextweb.com/google/2011/06/05/droidkungfu-android-malware-steals-sensitive-data-avoids-anti-virus-detection/.

[5]

Intel Corporation. 2017. Stratix V Avalon-ST Interface for PCIe Solutions, User Guide. Intel Corporation.

[6]

Mitre Corporation. 2018. CVE Details The ultimate security vulnerability datasource. Online, https://www.cvedetails.com.

[7]

Luis Felipe Epia Realpe, Octavio José Salcedo Parra, and Julio Barón Velandia. 2019. Use of KRACK Attack to Obtain Sensitive Information. In Mobile, Secure, and Programmable Networking, Éric Renault, Selma Boumerdassi, and Samia Bouzefrane (Eds.). Springer International Publishing, Cham, 270--276.

[8]

NVM Express. 2017. NVM Express Revision 1.3. Technical Report. NVM Express.

[9]

Thomas Fox-Brewster. 2018. Cellebrite: We Keep iPhone Flaws Secret For The Public's Safety. Online, https://www.forbes.com/sites/thomasbrewster/2018/03/01/apple-iphone-vulnerabilities-kept-secret-by-cellebrite/.

[10]

Thomas Fox-Brewster. 2018. The Feds Can Now (Probably) Unlock Every iPhone Model In Existence. Online, https://www.forbes.com/sites/thomasbrewster/2018/02/26/government-can-access-any-apple-iphone-cellebrite/.

[11]

Thomas Fox-Brewster. 2018. Mysterious 15,000 dollars GrayKey Promises To Unlock iPhone X For The Feds. Online, https://www.forbes.com/sites/thomasbrewster/2018/03/05/apple-iphone-x-graykey-hack/.

[12]

Daniel Genkin, Lev Pachmanov, Itamar Pipman, Eran Tromer, and Yuval Yarom. 2016. ECDSA key extraction from mobile devices via nonintrusive physical side channels. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, 1626--1638.

Digital Library

[13]

Manu Gulati, Michael J Smith, and Shu-Yi Yu. 2014. Security enclave processor for a system on a chip. US Patent 8,832,465.

[14]

Cedric Halbronn and Jean Sigwald. 2010. iPhone security model & vulnerabilities. In Proceedings of Hack in the box sec-conference. Kuala Lumpur, Malaysia.

[15]

Christopher Hensler and Patrick Tague. 2019. Using Bluetooth Low Energy Spoofing to Dispute Device Details: Demo. In Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '19). ACM, New York, NY, USA, 340--342.

Digital Library

[16]

Mike Jackson, Ravi Budruk, Joseph Winkles, and Don Anderson. 2012. PCI Express Technology 3.0. Mindshare Press, The address.

Digital Library

[17]

Ben Lapid and Avishai Wool. 2018. Cache-attacks on the ARM Trust-Zone implementations of AES-256 and AES-256-GCM via GPU-based analysis. In International Conference on Selected Areas in Cryptography. Springer, 235--256.

[18]

Billy Lau, Yeongjin Jang, Chengyu Song, Tielei Wang, Pak Ho Chung, and Paul Royal. 2013. Mactans: Injecting malware into iOS devices via malicious chargers. Black Hat USA (2013).

[19]

Tarjei Mandt, Mathew Solnik, and David Wang. 2016. Demystifying the Secure Enclave Processor. Black Hat Las Vegas (2016).

[20]

Charlie Miller. 2012. Exploring the NFC attack surface. Proceedings of Blackhat (2012).

[21]

Mathieu Renard. 2014. Investigation numérique & terminaux Apple iOS: Acquisition de données. SSTIC conference (2014).

[22]

Lionel Riviere, Zakaria Najm, Pablo Rauzy, Jean-Luc Danger, Julien Bringer, and Laurent Sauvage. 2015. High precision fault injections on the instruction cache of ARMv7-M architectures. In 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). IEEE, 62--67.

[23]

Rafia Shaikh. 2017. Hacker Releases iPhone 5s Secure Enclave Decryption Keys. Online, https://wccftech.com/iphone-5s-secure-enclave-hack/.

[24]

Omer Shwartz, Amir Cohen, Asaf Shabtai, and Yossi Oren. 2017. Shattered trust: when replacement smartphone components attack. In 11th {USENIX} Workshop on Offensive Technologies ({WOOT} 17).

Digital Library

[25]

Sergei Skorobogatov. 2016. The bumpy road towards iPhone 5c NAND mirroring. arXiv e-prints, Article arXiv:1609.04327 (September 2016), arXiv:1609.04327 pages. arXiv:cs.CR/1609.04327

[26]

Check Point Software technologies LTD. 2014. OldBoot: A New Bootkit for Android. Online, https://blog.checkpoint.com/2014/01/29/oldboot-a-new-bootkit-for-android/.

[27]

Check Point Software technologies LTD. 2017. How the CopyCat malware infected Android devices around the world. Online, https://blog.checkpoint.com/2017/07/06/how-the-copycat-malware-infected-android-devices-around-the-world/.

[28]

Check Point Software technologies LTD. 2018. When Ransomware Goes Mobile. Online, https://blog.checkpoint.com/2018/06/15/when-ransomware-goes-mobile/.

[29]

A. Vasselle, H. Thiebeauld, Q. Maouhoub, A. Morisset, and S. Ermeneux. 2018. Laser-Induced Fault Injection on Smartphone Bypassing the Secure Boot. IEEE Trans. Comput. (2018), 1--1.

[30]

Xillybus. 2018. Xillybus IP core product brief. Xillybus Ltd.

[31]

Fenghao Xu, Wenrui Diao, Zhou Li, Jiongyi Chen, and Kehuan Zhang. 2019. BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals. In Proceedings of the 26th Annual Network and Distributed System Security Symposium (NDSS'19), San Diego, CA.

[32]

Veo Zhang. 2016. 'GODLESS' Mobile Malware Uses Multiple Exploits to Root Devices. Online, https://blog.trendmicro.com/trendlabs-security-intelligence/godless-mobile-malware-uses-multiple-exploits-root-devices/.

Cited By

Rwegasira DYustina LMazana M(2024)Assessment of the Effect of Users Satisfaction with the e-Passport System on Service Delivery in the Tanzania Immigration Service DepartmentAfrican Journal of Empirical Research10.51867/ajernet.5.3.1115:3(1301-1312)Online publication date: 25-Sep-2024
https://doi.org/10.51867/ajernet.5.3.111
Wijesundara WLee JTith DAloupogianni ESuzuki HObi T(2024)Security-enhanced firmware management scheme for smart home IoT devices using distributed ledger technologiesInternational Journal of Information Security10.1007/s10207-024-00827-x23:3(1927-1937)Online publication date: 1-Jun-2024
https://dl.acm.org/doi/10.1007/s10207-024-00827-x
Khelif MLorandel JRomain O(2022)Experimental interfacing with the IPhone 6s through its PCIe communication bus2022 IEEE 31st International Symposium on Industrial Electronics (ISIE)10.1109/ISIE51582.2022.9831665(631-634)Online publication date: 1-Jun-2022
https://doi.org/10.1109/ISIE51582.2022.9831665
Show More Cited By

Recommendations

Toward a hardware man-in-the-middle attack on PCIe bus
Abstract
The growing need for high rate communication of recent embedded systems is leading to the adoption of the PCIe protocol (Peripheral Component Interconnect express) as an internal data bus. This technology is used in some recent ...
Man in the Browser Attacks

Man-in-the-Browser attacks are a sophisticated new hacking technique associated with Internet crime, especially that which targets customers of Internet banking. The security community has been aware of them as such for time but they have grown in ...
Portable DoS Test Tool for IoT Devices
IoTS&P '17: Proceedings of the 2017 Workshop on Internet of Things Security and Privacy

In the recent years, internet-of-things (IoT) devices have attracted an increasing share of attention, and the vulnerability of IoT devices has been clarified. For example, the IoT malware {¥it Mirai} constructs a bot using the vulnerability of IoT ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

ICFNDS '19: Proceedings of the 3rd International Conference on Future Networks and Distributed Systems

July 2019

346 pages

ISBN:9781450371636

DOI:10.1145/3341325

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

CNAM: Conservatoire des Arts et Métiers

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 July 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ICFNDS '19

ICFNDS '19: 3rd International Conference on Future Networks and Distributed Systems

July 1 - 2, 2019

Paris, France

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
193
Total Downloads

Downloads (Last 12 months)19
Downloads (Last 6 weeks)2

Reflects downloads up to 22 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Rwegasira DYustina LMazana M(2024)Assessment of the Effect of Users Satisfaction with the e-Passport System on Service Delivery in the Tanzania Immigration Service DepartmentAfrican Journal of Empirical Research10.51867/ajernet.5.3.1115:3(1301-1312)Online publication date: 25-Sep-2024
https://doi.org/10.51867/ajernet.5.3.111
Wijesundara WLee JTith DAloupogianni ESuzuki HObi T(2024)Security-enhanced firmware management scheme for smart home IoT devices using distributed ledger technologiesInternational Journal of Information Security10.1007/s10207-024-00827-x23:3(1927-1937)Online publication date: 1-Jun-2024
https://dl.acm.org/doi/10.1007/s10207-024-00827-x
Khelif MLorandel JRomain O(2022)Experimental interfacing with the IPhone 6s through its PCIe communication bus2022 IEEE 31st International Symposium on Industrial Electronics (ISIE)10.1109/ISIE51582.2022.9831665(631-634)Online publication date: 1-Jun-2022
https://doi.org/10.1109/ISIE51582.2022.9831665
Khelif MLorandel JRomain O(2021)Non-invasive I2C Hardware Trojan Attack Vector2021 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT)10.1109/DFT52944.2021.9568347(1-6)Online publication date: 6-Oct-2021
https://doi.org/10.1109/DFT52944.2021.9568347
Mohamed Amine qJordane LOlivier R(2020)Hardware Man-in-the-Middle Attacks on SmartphonesForensic Science Today10.17352/fst.0000166:1(012-015)Online publication date: 28-Apr-2020
https://doi.org/10.17352/fst.000016
Zagi LAziz B(2020)Privacy Attack On IoT: a Systematic Literature Review2020 International Conference on ICT for Smart Society (ICISS)10.1109/ICISS50791.2020.9307568(1-8)Online publication date: 19-Nov-2020
https://doi.org/10.1109/ICISS50791.2020.9307568

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents