Degree Type
Creative Component
Semester of Graduation
Spring 2019
Department
Electrical and Computer Engineering
First Major Professor
Lotfi Ben-Othmane
Second Major Professor
Doug Jacobson
Degree(s)
Master of Science (MS)
Major(s)
Computer Engineering
Abstract
Arada Locomate On-Board Unit is a vehicle-to-vehicle communication device that supports the WAVE protocol, which is the standard for vehicle to vehicle communication. Successful attacks on the device could be used to control the behavior of the connected vehicle. This creative component assesses the security of the device and discusses the vulnerabilities of the applications installed on the device. It reports about our results to exploit the known vulnerabilities of Dropbear ssh, Busybox telnet, and the Linux kernel, which are installed on the device and discusses how to obtain the private keys of the device to use them for attacks. In addition, it describes our investigation of the existence of exploitable buer over ow in the usbd program, which accepts messages through port 6666 (IRC port). The results are: the exploitation of Dropbear ssh, Busybox telnet failed, the exploitation of the vmsplice vulnerability in the Linux kernel required adapting the exploit to the MIPS architecture, there is no exploitable buer over ow in the usbd; however, the private keys of the device are easily accessible and the user password of the device could be changed without authentication. The current results are not that useful to stage attacks but further work may lead to exploit the device and use it to inject messages to the connected vehicle, e.g., develop an exploit for vmsplice vulnerability for MIPS Linux.
Copyright Owner
Veeraraghava Ramanni Janaarthanan, Sudharrshan
Copyright Year
2019
File Format
Recommended Citation
Veeraraghava, Ramanni J, "Security Analysis of Vehicle to Vehicle Arada Locomate On Board Unit" (2019). Creative Components. 271.
https://lib.dr.iastate.edu/creativecomponents/271
Included in
Digital Communications and Networking Commons, Hardware Systems Commons, Other Computer Engineering Commons