Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Investigation of home router security
KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS. (CCSlab)
2010 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Home routers are common in every household that has some kind of Internet connectivity. These embedded devices are running services such as web, file and DHCP server. Even though they have the same security issues as regular computers, they do no run protection software such as anti-virus and they are not updated. Moreover, the importance of these devices is misjudged; all network traffic is passing through them and they control the DNS of the network while, in most cases, they are on-line around the clock. When more and more non-Internet features are implemented into home routers, such as Voice over IP and network storage, their role becomes more special and many security concerns are raising. In this thesis, we investigate the issues resulting from this special role; the importance for these devices to be secure, the attacking vector and how the devices can be compromised to be part of a large home router botnet. We conclude by proposing ways to make the current implementation more secure, suggesting ways to protect routers from botnets without user interaction, that is from the ISP, while respecting the privacy of the end user and we identify what future work needs to be done.

Abstract [sv]

Router är vanliga i hem som har någon slags Internet anslutning. De här inbyggda enheter kör tjänster som t.ex. web, file och DHCP basenheter. Fastän de har samma säkerhetsfrågor som vanliga datorer, så kan de inte använda säkerhets mjukvara som t.ex anti-virus och de är inte uppdaterade. Dessutom har betydelsen av de här apparaterna blivit felbedömmat; hela nätverket passerar genom dem och de kontrolerar nätverkets DNS medan, i de flesta fall, de är on-line dygnet runt. Men, när mer och mer icke-Internet lockvaror fars in i routern, som t.ex Voice över IP och nätverkslagring, blir deras roll viktigare och oron för säkerheten växer. I den här avhandlingen utforskars problemen och frågorna som efterföljer deras speciella roll, hur viktigt det är att de här apparaterna är skyddade, (the attacking vector) och hur de här apparaterna kan bli jämkningad för att bli en del av ett stort router botnet. Vi avsluter med att lägga fram sätt att göra det nuvarande verktyget mer skyddat, föreslå sätt att skydda routern från botnet utan användarinteraktion, som kommer från ISP, medan man respekterar det andra användarens privtaliv och markera vad som behövs ändras i framtiden.

Place, publisher, year, edition, pages
2010. , 74 p.
Series
TRITA-ICT-EX, 38
Keyword [en]
Home router, SOHO routers, security, security of embedded devices, CSRF, UPnP hack
National Category
Communication Systems
Identifiers
URN: urn:nbn:se:kth:diva-91107OAI: oai:DiVA.org:kth-91107DiVA: diva2:508254
Subject / course
Communications Systems
Educational program
Master of Science - Network Services and Systems
Presentation
2010-03-11, Seminar room Grimeton, Isafjordsgatan 22, Kista, 16:00 (English)
Uppsok
Technology
Supervisors
Examiners
Available from: 2012-03-08 Created: 2012-03-07 Last updated: 2015-06-30Bibliographically approved

Open Access in DiVA

fulltext(1646 kB)558 downloads
File information
File name FULLTEXT01.pdfFile size 1646 kBChecksum SHA-512
42d9fb1bffcfb5d00b21b9a4fae09813fa2020101549bb17b0632d3a9687ee7d4696761953ddc280871c6754bae7f8c208f162f3da4fb4a60a7fcafa52e68827
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Karamanos, Emmanouil
By organisation
Communication Systems, CoS
Communication Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 558 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 2158 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf