TY - GEN
T1 - Exploiting Buffer Overflow Vulnerabilities in Software Defined Radios
AU - Hitefield, S. D.
AU - Fowler, M.
AU - Clancy, T. Charles
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/7
Y1 - 2018/7
N2 - As wireless systems are becoming more complex, there is a shift towards implementing these systems completely in software and firmware rather than hardware. Software defined radios allow for quickly prototyping, testing, and deployment of flexible systems that can be upgraded in the field. However, since these systems are implemented in software, common coding mistakes in the signal processing modules can leave these systems vulnerable to traditional cyber-security attacks. As software radios become more prevalent in the industry, the risk of these vulnerabilities existing and being exploited in production systems increases significantly. In many cases, wireless security research is focused on the security of specific protocols rather than vulnerabilities in the radios themselves. Our research focuses specifically on these vulnerabilities that can exist in an implementation. We present two different examples of buffer overflow vulnerabilities in the link-layer processing blocks of a GNU Radio waveform. Both of these examples are based on poorly designed implementations and incorrect assumptions concerning the maximum possible length of a received message. By exploiting these vulnerabilities, we were able to successfully demonstrate persistent denial-of-service attacks and also the ability to remotely execute malicious code on the target. While a better implementation would solve these specific issues, these are examples of common programming mistakes that leave the system vulnerable to attack and can be easily overlooked during development.
AB - As wireless systems are becoming more complex, there is a shift towards implementing these systems completely in software and firmware rather than hardware. Software defined radios allow for quickly prototyping, testing, and deployment of flexible systems that can be upgraded in the field. However, since these systems are implemented in software, common coding mistakes in the signal processing modules can leave these systems vulnerable to traditional cyber-security attacks. As software radios become more prevalent in the industry, the risk of these vulnerabilities existing and being exploited in production systems increases significantly. In many cases, wireless security research is focused on the security of specific protocols rather than vulnerabilities in the radios themselves. Our research focuses specifically on these vulnerabilities that can exist in an implementation. We present two different examples of buffer overflow vulnerabilities in the link-layer processing blocks of a GNU Radio waveform. Both of these examples are based on poorly designed implementations and incorrect assumptions concerning the maximum possible length of a received message. By exploiting these vulnerabilities, we were able to successfully demonstrate persistent denial-of-service attacks and also the ability to remotely execute malicious code on the target. While a better implementation would solve these specific issues, these are examples of common programming mistakes that leave the system vulnerable to attack and can be easily overlooked during development.
KW - Communications System Security
KW - Computer Security
KW - Software Radio
KW - Wireless Communication
UR - http://www.scopus.com/inward/record.url?scp=85067858005&partnerID=8YFLogxK
U2 - 10.1109/Cybermatics_2018.2018.00318
DO - 10.1109/Cybermatics_2018.2018.00318
M3 - Conference contribution
AN - SCOPUS:85067858005
T3 - Proceedings - IEEE 2018 International Congress on Cybermatics: 2018 IEEE Conferences on Internet of Things, Green Computing and Communications, Cyber, Physical and Social Computing, Smart Data, Blockchain, Computer and Information Technology, iThings/GreenCom/CPSCom/SmartData/Blockchain/CIT 2018
SP - 1921
EP - 1927
BT - Proceedings - IEEE 2018 International Congress on Cybermatics
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 11th IEEE International Congress on Conferences on Internet of Things, 14th IEEE International Conference on Green Computing and Communications, 11th IEEE International Conference on Cyber, Physical and Social Computing, 4th IEEE International Conference on Smart Data, 1st IEEE International Conference on Blockchain and 18th IEEE International Conference on Computer and Information Technology, iThings/GreenCom/CPSCom/SmartData/Blockchain/CIT 2018
Y2 - 30 July 2018 through 3 August 2018
ER -