Tesi etd-06282018-194911 |
Link copiato negli appunti
Tipo di tesi
Tesi di laurea magistrale
Autore
MARCHETTI, DANIELE
URN
etd-06282018-194911
Titolo
Hacking cars by means of software defined radio
Dipartimento
INGEGNERIA DELL'INFORMAZIONE
Corso di studi
COMPUTER ENGINEERING
Relatori
relatore Dini, Gianluca
relatore Bernardeschi, Cinzia
relatore Del Signore, Emiliano
relatore Bernardeschi, Cinzia
relatore Del Signore, Emiliano
Parole chiave
- automotive
- car
- cybersecurity
- jamming
- pke
- relay
- replay
- rke
- rolling code
Data inizio appello
20/07/2018
Consultabilità
Completa
Riassunto
Cars companies are continuously improving the user’s experience for their customers. One of the aspect on which such companies are focusing, in recent years, is the car’s opening system. They are trying to make the car’s entrance easier, more comfortable and more efficient for users. This goes to the detriment of security. The opening system manages the opening and the closing of the car’s doors and the start of the engine. The key system can be divided into 3 categories: RKE (remote keyless entry system), PKES (passive keyless entry system) and Immobilizers systems.
In this thesis, these categories have been studied in their cybersecurity aspects. In particular, the current known attacks, for each category, are explained. From these attacks, the “Jam and Replay” attack against RKE systems and the relay attack against PKE systems have been chosen to be reproduced and tested on some car models. The objective is to demonstrate that these attacks are actually feasible with a low-cost equipment. The jam and replay attack has been successfully implemented with different low-cost Software Defined Radios (SDRs): rtl-sdr, LimeSdr and HackRF. The behaviour of the SDRs has been coded with GnuRadio and some Python scripts. The attacks have been performed on different car models, in different scenario (residential areas, parking areas, isolated areas) and the have been gathered and analysed, demonstrating that it is possible to open an RKES car. The relay attack has been implemented physically by using two LF antennas linked through a cable. Finally, since the jamming attack is very diffused in public places like Gas stations, a simple application to discover the presence of a possible jammer has been implemented. The objective was to use SDRs and smartphones to build a mobile system able to detect the presence of a constant strong signal at a certain frequency. An android application that uses a Java version of the Hackrf library is presented in the last part of this thesis.
This thesis has been done in collaboration with Direzione centrale per la Polizia stradale, ferroviaria, delle comunicazioni e per i Reparti speciali della Polizia di Stato.
In this thesis, these categories have been studied in their cybersecurity aspects. In particular, the current known attacks, for each category, are explained. From these attacks, the “Jam and Replay” attack against RKE systems and the relay attack against PKE systems have been chosen to be reproduced and tested on some car models. The objective is to demonstrate that these attacks are actually feasible with a low-cost equipment. The jam and replay attack has been successfully implemented with different low-cost Software Defined Radios (SDRs): rtl-sdr, LimeSdr and HackRF. The behaviour of the SDRs has been coded with GnuRadio and some Python scripts. The attacks have been performed on different car models, in different scenario (residential areas, parking areas, isolated areas) and the have been gathered and analysed, demonstrating that it is possible to open an RKES car. The relay attack has been implemented physically by using two LF antennas linked through a cable. Finally, since the jamming attack is very diffused in public places like Gas stations, a simple application to discover the presence of a possible jammer has been implemented. The objective was to use SDRs and smartphones to build a mobile system able to detect the presence of a constant strong signal at a certain frequency. An android application that uses a Java version of the Hackrf library is presented in the last part of this thesis.
This thesis has been done in collaboration with Direzione centrale per la Polizia stradale, ferroviaria, delle comunicazioni e per i Reparti speciali della Polizia di Stato.
File
Nome file | Dimensione |
---|---|
reportCa...urity.pdf | 2.54 Mb |
Contatta l’autore |