簡易檢索 / 詳目顯示

回結果列表
研究生: 田懋祥
TIAN MAO XIANG
論文名稱: 低功率藍牙安全攻防競賽系統之設計與實作
On Design and Implementation of a Wargame System for Bluetooth Low Energy Applications
指導教授: 查士朝
Shi-Cho Cha
洪政煌
Cheng-Huang Hung
口試委員: 鄭欣明
ZHENG XIN MING
葉國暉
SHE YE GUO HUI
學位類別: 碩士
Master
系所名稱: 管理學院 - 資訊管理系
Department of Information Management
論文出版年: 2018
畢業學年度: 106
語文別: 中文
論文頁數: 56
中文關鍵詞: 低功率藍牙資訊安全攻防系統自動部署
外文關鍵詞: BLESecurity, AttackandDefenseSystem, AutomaticDeployment
相關次數: 點閱:188下載:7
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 近年來常有wargame的競賽,以考驗參賽者對資訊安全的知識。但是,當要準備有關於物聯網的競賽題目時,必須花費很多時間在設定環境與設備、燒入韌體。本論文針對物聯網安全中的一個核心技術-低功率藍牙(Bluetooth Low Energy,簡稱BLE),並基於BLE設備之資訊安全,提出並且實作一個低功率藍牙安全攻防系統框架,以便能夠快速生成多項BLE相關的wargame題目。按照本論文框架所實作的系統,能夠利用燒入客製化的韌體進而模擬現實中BLE相關的資安威脅,讓使用者擁有自己的作業環境進行挑戰解題,以便從挑戰學習相關知識。藉由虛擬機的自動部署技術和環境虛擬化,能夠減少人工操作、隔離使用者的執行環境、減少互相干擾的狀況。此外,依本研究架構所實作的系統,只需約20秒,就能夠迅速部署一個wargame題目,而有效的減少許多繁瑣的工作。

    Wargame competition has become a popular form to testify partici-pants security skills. However, when designing the wargame competi-tion for IoT security, we may need to setup a large amount of hardwarewith firmware for the competition. Moreover, people need to spend alot of time on changing the firmware of the device and have the diffi-culty of isolating each user’s environment separately.

    Therefore, this study focuses on BLE security and proposes a sys-tem for deployment wargame competition for BLE security. The pro-posed system can flashes a customized firmware to simulate the realword scenarios of the BLE security. Consequently, the system can cre-ate a simulative environment with several BLE vulnerabilities rapidly.Users can then try to exploit the vulnerabilities in the simulative envi-ronment to demonstrate their familiarity of BLE security. Moreover, asthe proposed system utilize visualization technologies, the system canprovide isolated environment for different users and reduce interfer-ence among the users.

    Furthermore, we have implemented the proposed system and con-ducted a performance test for verification. Compared with flashing thefirmware to each device manually, this study can deploy the environ-ments for BLE security wargame competition in 20 seconds. That is,this study contributes to simplifying the overall process of launching awargame for BLE security.

    目錄 摘要...........................................III Abstract........................................IV 致謝...........................................V 圖目錄..........................................VIII 表目錄..........................................X 第1章緒論.....................................1 1.1研究動機與目的. . . . . . . . . . . . . . . . . . . . . . . . .1 1.2研究貢獻. . . . . . . . . . . . . . . . . . . . . . . . . . . .2 1.3章節介紹. . . . . . . . . . . . . . . . . . . . . . . . . . . .2 第2章文獻探討與背景知識..........................4 2.1資訊安全競賽. . . . . . . . . . . . . . . . . . . . . . . . . .4 2.2物聯網藍牙安全. . . . . . . . . . . . . . . . . . . . . . . . .5 2.3 QEMU-KVM虛擬化. . . . . . . . . . . . . . . . . . . . . . .6 2.4 Nordic藍牙開發板. . . . . . . . . . . . . . . . . . . . . . .7 第3章問題與需求................................9 3.1問題. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9 3.2系統角色定義. . . . . . . . . . . . . . . . . . . . . . . . . .10 3.3系統情境與需求. . . . . . . . . . . . . . . . . . . . . . . . .11 第4章系統框架設計與概述..........................13 4.1系統設計. . . . . . . . . . . . . . . . . . . . . . . . . . . .13 4.2系統框架實作概述. . . . . . . . . . . . . . . . . . . . . . .15 第5章系統元件實作...............................17 5.1硬體設備連接與資源池. . . . . . . . . . . . . . . . . . . . .17 5.2題目設計. . . . . . . . . . . . . . . . . . . . . . . . . . . .18 5.3虛擬化與自動部署. . . . . . . . . . . . . . . . . . . . . . .24 5.4網頁接口設計. . . . . . . . . . . . . . . . . . . . . . . . . .27 第6章實驗與結果評估.............................33 6.1系統成果與呈現. . . . . . . . . . . . . . . . . . . . . . . . .33 6.2系統效能測試. . . . . . . . . . . . . . . . . . . . . . . . . .39 第7章結論與未來方向.............................42 參考文獻........................................43

    [1]S. Jasek, “Blue picking - hacking bluetooth smartlocks,” 2017, visited on 2018-05-20. [Online]. Available:https://conference.hitb.org/hitbsecconf2017ams/materials/D2T3%20-%20Slawomir%20Jasek%20-%20Blue%20Picking%20-%20Hacking%20Bluetooth%20Smart%20Locks.pdf
    [2]A. Labs, BlueBorne, visited on 2018-04-20. [Online]. Available:https://www.armis.com/blueborne/
    [3]“Ctf wiki,” visited on 2018-04-20. [Online]. Available:https://ctf-wiki.github.io/ctf-wiki
    [4]E. D. Security, “Btlejuice,” visited on 2018-04-20. [Online].Available:https://github.com/DigitalSecurity/btlejuice
    [5]“Kvm,” visited on 2018-04-20. [Online]. Available:http://www.linux-kvm.org/page/Main_Page
    [6]“libvirt virtualization api,” visited on 2018-05-20. [Online].Available:http://libvirt.org/
    [7]“Qemu,” visited on 2018-04-20. [Online]. Available:http://wiki.qemu.org/Main_Page.
    [8]“Comparison of xen, kvm, and qemu,” visited on 2018-06-8. [Online]. Available:https://www.researchgate.net/figure/Comparison-of-Xen-KVM-and-QEMU_fig1_281177318
    [9]“nrf52832-mdk documentation,” visited on 2018-05-20. [On-line]. Available:https://github.com/makerdiary/nrf52832-mdk43
    [10]“nrf51822,” visited on 2018-04-20. [Online]. Available:https://www.nordicsemi.com/chi/node_176/Bluetooth-R/nRF51822
    [11]“Mbed開 發nrf51-dongle,” visited on 2018-04-20. [Online]. Available:https://os.mbed.com/platforms/Nordic-nRF51-Dongle/
    [12]M. O’Leary, “Innovative pedagogical approaches to a capstonelaboratory course in cyber operations,” in Proceedings of the2017 ACM SIGCSE Technical Symposium on Computer ScienceEducation, ser. SIGCSE ’17. New York, NY, USA: ACM, 2017,pp. 429‒434, visited on 2018-05-20. [Online]. Available:http://doi.acm.org/10.1145/3017680.3017720
    [13]C. Pham, D. Tang, K.-i. Chinen, and R. Beuran, “Cyris: A cyberrange instantiation system for facilitating security training,” inProceedings of the Seventh Symposium on Information andCommunication Technology, ser. SoICT ’16. New York, NY, USA:ACM,2016, pp.251‒258, visitedon2018-05-20.[Online].Available:http://doi.acm.org/10.1145/3011077.3011087
    [14]“Mbed,” visited on 2018-05-20. [Online]. Available:https://www.mbed.com/
    [15]“Gcc arm,” visited on 2018-04-20. [Online]. Avail-able:https://developer.arm.com/open-source/gnu-toolchain/gnu-rm/downloads
    [16]“mbed-cli,” visited on 2018-04-20. [Online].Available:https://github.com/ARMmbed/mbed-cli
    [17]“Jlink driver,” visited on 2018-04-20. [Online]. Available:https://www.segger.com/downloads/jlink/44
    [18]“nrf5x command line tools,” visited on 2018-04-20. [On-line]. Available:http://infocenter.nordicsemi.com/pdf/nRF5x_Command_Line_Tools_v1.3.pdf
    [19]“Docker images and layers,” visited on 2018-04-20. [On-line]. Available:https://docs.docker.com/storage/storagedriver/#images-and-layers
    [20]E. Styger, “Tutorial: Ble pairing the raspberry pi 3model b with hexiwear,” 2016, visited on 2018-05-20. [Online]. Available:https://mcuoneclipse.com/2016/12/19/tutorial-ble-pairing-the-raspberry-pi-3-model-b-with-hexiwear/
    [21]noVNC, “Vnc client using html5 (web sockets, canvas) withencryption (wss://) support.” visited on 2018-05-20. [Online].Available:https://github.com/novnc/noVNC
    [22]“Flask (a python microframework),” visited on 2018-05-20.[Online]. Available:http://flask.pocoo.org/
    [23]“Jinja2 ( a full featured template engine for python),” visited on2018-05-20. [Online]. Available:http://jinja.pocoo.org/
    [24]“Gunicorn - python wsgi http server for unix,” visited on2018-05-20. [Online]. Available:http://gunicorn.org/45

    QR CODE