MobiDeke Fuzzing the GSM Protocol Stack

More documents

Recommendations

Info

$\H1B%-12345X@PJL JOB “HackingPrinters”$

IntroductionFuzzing over-the-airThe MobiDeke FrameworkConclusionState Machines: Originating a Call example (simplified)SETUPMS:CALL_CONFIRMEDASSIGNMENTASSIGNMENT_COMPLETCONNECTRELEASE BTS:CONNECT_ACKRELEASE SPEAKRELEASERELEASEObservations• There is often a way to exit from astate machine (e.g.: The RELEASEmessage)• Sometimes a state requires userinteraction• There are ‘obscure’ elements: presentin specs, but never seen in real life...ENDMobiDeke: Fuzzing the GSM Protocol Stack 13/38
IntroductionFuzzing over-the-airThe MobiDeke FrameworkConclusionMessage exchangesSome message exchanges can be considered as stateless, but there are also finitestate machinesStateless exchanges• Simple to fuzzFinite state machines• Complex and harder to fuzz• Also harder to program correctly: potential surprisesMobiDeke: Fuzzing the GSM Protocol Stack 14/38
Page 1: MobiDeke: Fuzzing the GSM Protocol
Page 8 and 9: IntroductionFuzzing over-the-airThe
Page 18 and 19: Let’s fuzz it!IntroductionFuzzing
Page 37 and 38: SummaryIntroductionFuzzing over-the
Page 41: IntroductionFuzzing over-the-airThe

MobiDeke Fuzzing the GSM Protocol Stack

Create successful ePaper yourself

Delete template?

Save as template?