Aloja: Breaking IoT Software Homogeneity with Protocol Mutations

Internet-of-things devices are widely deployed and suffer from easy-to-exploit security issues. Due to code and platform reuse the same vulnerability oftentimes ends up affecting a large installed base. These circumstances—poor-quality code paired with software homogeneity—are similar to those which gave rise to internet worms, such as CodeRed, in the early 2000’s. Indeed, the same circumstances have already enabled the creation of botnets such as Mirai; more destructive types of attacks, like ones in which compromised devices disrupt the power grid, are likely in the near future.

In this thesis, we tackle one of the enabling factors of these attacks: software homogeneity. We propose ALOJA, a technique to inject syntax mutations in application-level network protocols used in the IoT space. ALOJA makes it easy to diversify a protocol into a myriad of functionally identical—but syntactically different—dialects, at the granularity of individual deployments or even devices. This form of moving-target defense disrupts large-scale scanning and compromise of IoT devices, by preventing fast-propagating, one-size-fits-all network exploits. ALOJA’s mutations can be static or dynamic (i.e., evolving with time), covering different use cases and threat models. Internally, ALOJA identifies message constructor and parser functions using a novel static analysis algorithm. It then modifies these functions by injecting code templates, which cause mutations in the wire format of the protocol.

Identifier
  • etd-21821
Year
  • 2021
Date created
  • 2021-05-04

Permanent link to this page: https://digital.wpi.edu/show/00000322n