Showing 1–3 of 3 results for author: Heyszl, J

Secure and User-Friendly Over-the-Air Firmware Distribution in a Portable Faraday Cage

Authors: Martin Striegel, Florian Jakobsmeier, Yacov Matveev, Johann Heyszl, Georg Sigl

Abstract: Setting up a large-scale wireless sensor network is challenging, as firmware must be distributed and trust between sensor nodes and a backend needs to be established. To perform this task efficiently, we propose an approach named Box, which utilizes an intelligent Faraday cage (FC). The FC acquires firmware images and secret keys from a backend, patches the firmware with the keys and deploys those… ▽ More Setting up a large-scale wireless sensor network is challenging, as firmware must be distributed and trust between sensor nodes and a backend needs to be established. To perform this task efficiently, we propose an approach named Box, which utilizes an intelligent Faraday cage (FC). The FC acquires firmware images and secret keys from a backend, patches the firmware with the keys and deploys those customized images over the air to sensor nodes placed in the FC. Electromagnetic shielding protects this exchange against passive attackers. We place few demands on the sensor node, not requiring additional hardware components or firmware customized by the manufacturer. We describe this novel workflow, implement the Box and a backend system and demonstrate the feasibility of our approach by batch-deploying firmware to multiple commercial off-the-shelf sensor nodes. We conduct a user-study with 31 participants with diverse backgrounds and find, that our approach is both faster and more user-friendly than firmware distribution over a wired connection. △ Less

Submitted 25 May, 2020; originally announced May 2020.

Comments: 11 pages, 5 figures. Accepted at 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '20), July 8--10, 2020, Linz (Virtual Event), Austria

EyeSec: A Retrofittable Augmented Reality Tool for Troubleshooting Wireless Sensor Networks in the Field

Authors: Martin Striegel, Carsten Rolfes, Johann Heyszl, Fabian Helfert, Maximilian Hornung, Georg Sigl

Abstract: Wireless Sensor Networks (WSNs) often lack interfaces for remote debugging. Thus, fault diagnosis and troubleshooting are conducted at the deployment site. Currently, WSN operators lack dedicated tools that aid them in this process. Therefore, we introduce EyeSec, a tool for WSN monitoring and maintenance in the field. An Augmented Reality Device (AR Device) identifies sensor nodes using optical m… ▽ More Wireless Sensor Networks (WSNs) often lack interfaces for remote debugging. Thus, fault diagnosis and troubleshooting are conducted at the deployment site. Currently, WSN operators lack dedicated tools that aid them in this process. Therefore, we introduce EyeSec, a tool for WSN monitoring and maintenance in the field. An Augmented Reality Device (AR Device) identifies sensor nodes using optical markers. Portable Sniffer Units capture network traffic and extract information. With those data, the AR Device network topology and data flows between sensor nodes are visualized. Unlike previous tools, EyeSec is fully portable, independent of any given infrastructure and does not require dedicated and expensive AR hardware. Using passive inspection only, it can be retrofitted to already deployed WSNs. We implemented a proof of concept on low-cost embedded hardware and commodity smart phones and demonstrate the usage of EyeSec within a WSN test bed using the 6LoWPAN transmission protocol. △ Less

Submitted 8 July, 2019; originally announced July 2019.

Comments: Published at the International Conference on Embedded Wireless Systems and Networks (EWSN) 2019

ACM Class: H.4.m; H.5.2; C.2.3; C.2.4

Journal ref: Proceedings of the 2019 International Conference on Embedded Wireless Systems and Networks, EWSN 2019, Beijing, China, February 25-27, 2019

AutoLock: Why Cache Attacks on ARM Are Harder Than You Think

Authors: Marc Green, Leandro Rodrigues-Lima, Andreas Zankl, Gorka Irazoqui, Johann Heyszl, Thomas Eisenbarth

Abstract: Attacks on the microarchitecture of modern processors have become a practical threat to security and privacy in desktop and cloud computing. Recently, cache attacks have successfully been demonstrated on ARM based mobile devices, suggesting they are as vulnerable as their desktop or server counterparts. In this work, we show that previous literature might have left an overly pessimistic conclusion… ▽ More Attacks on the microarchitecture of modern processors have become a practical threat to security and privacy in desktop and cloud computing. Recently, cache attacks have successfully been demonstrated on ARM based mobile devices, suggesting they are as vulnerable as their desktop or server counterparts. In this work, we show that previous literature might have left an overly pessimistic conclusion of ARM's security as we unveil AutoLock: an internal performance enhancement found in inclusive cache levels of ARM processors that adversely affects Evict+Time, Prime+Probe, and Evict+Reload attacks. AutoLock's presence on system-on-chips (SoCs) is not publicly documented, yet knowing that it is implemented is vital to correctly assess the risk of cache attacks. We therefore provide a detailed description of the feature and propose three ways to detect its presence on actual SoCs. We illustrate how AutoLock impedes cross-core cache evictions, but show that its effect can also be compensated in a practical attack. Our findings highlight the intricacies of cache attacks on ARM and suggest that a fair and comprehensive vulnerability assessment requires an in-depth understanding of ARM's cache architectures and rigorous testing across a broad range of ARM based devices. △ Less

Submitted 28 March, 2017; originally announced March 2017.