Security of firmware update mechanisms within SOHO routers

Security of firmware update mechanisms within SOHO routers

Purpose of this thesis was to analyze the state of firmware update security within SOHO (Small Office/Home Office) routers as anecdotal claims of insecure routers are common and firmware updates are critical to the overall device security. A case study was performed, where 12 devices were analyzed u...

Full description

Bibliographic Details
Main Author: Kolehmainen, Santtu
Other Authors: Informaatioteknologian tiedekunta, Faculty of Information Technology, Informaatioteknologia, Information Technology, Jyväskylän yliopisto, University of Jyväskylä
Format: Master's thesis
Language:eng
Published: 2019
Subjects:
firmware updates
embedded systems
firmware analysis
Tietotekniikka
Mathematical Information Technology
602
sulautettu tietotekniikka
takaisinmallinnus
turvallisuusanalyysi
ubiquitous computing
reverse engineering
security analysis
Online Access: https://jyx.jyu.fi/handle/123456789/64101
Description
Summary:Purpose of this thesis was to analyze the state of firmware update security within SOHO (Small Office/Home Office) routers as anecdotal claims of insecure routers are common and firmware updates are critical to the overall device security. A case study was performed, where 12 devices were analyzed using network and firmware level analysis. Analyzed devices were found to have trivial vulnerabilities where Man-In-The-Middle attacker could deny further updates or install malicious firmware through the network update mechanism. Results highlight the need for large-scale security analysis of similar devices and more secure development practices.

Similar Items