fullrecord |
[{"key": "dc.contributor.advisor", "value": "Frantti, Tapio", "language": null, "element": "contributor", "qualifier": "advisor", "schema": "dc"}, {"key": "dc.contributor.author", "value": "Franssila, Antti-Jaakko", "language": null, "element": "contributor", "qualifier": "author", "schema": "dc"}, {"key": "dc.date.accessioned", "value": "2024-12-13T09:14:13Z", "language": null, "element": "date", "qualifier": "accessioned", "schema": "dc"}, {"key": "dc.date.available", "value": "2024-12-13T09:14:13Z", "language": null, "element": "date", "qualifier": "available", "schema": "dc"}, {"key": "dc.date.issued", "value": "2024", "language": null, "element": "date", "qualifier": "issued", "schema": "dc"}, {"key": "dc.identifier.uri", "value": "https://jyx.jyu.fi/handle/123456789/98997", "language": null, "element": "identifier", "qualifier": "uri", "schema": "dc"}, {"key": "dc.description.abstract", "value": "In this thesis a command and control (C2) channel was created using ultrasound and it was investigated whether ultrasound is a viable method for commanding an \u201cair-gap\u201d isolated target. In this way, the thesis adds insight into the use of alternative communication methods to overcome air-gap isolation and highlights potential new threats that should be considered for high-profile targets.\nThe research methodology of the thesis was design science research, which was carried out in practice by performing measurements and tests using software designed for ultrasonic C2-channel. Based on the results of the tests, the software was further developed to identify potential and limits of the ultrasonic C2-channel.\nA mesh technique was implemented in order to increase the range of the ultrasonic C2-channel and research was made to find the best trade-off between range and bandwidth. The impact of various additional devices on the command channel was tested to identify their risks and potential. The C2-channel was integrated with Cobalt Strike, a well-known software framework designed for command channels, to enhance the capabilities of the C2-channel and to see if it makes sense to use the existing software framework with an ultrasonic C2-channel.\nThe tests in the thesis showed that the main factor influencing the performance of the C2-channel was the hardware in use, i.e. the speakers and microphones of the commanding device and the target. The range between the two devices was 2\u20136 meters and the data transfer rate was around 25 bytes per second, which allows for fast execution of short commands, but limits, for example, data theft significantly. With mesh technology, the range can be substantially increased, but this also increases the latency of the C2-channel, and the real-world implementation of mesh network is challenging.\nThe conclusion of the thesis was that ultrasound is a viable technique for creating a C2-channel and overcoming an \"air-gap\" isolation. The method increases attacker's ability to affect the target, but still requires access to the target in close proximity. Especially for malicious actors inside the target, the ultrasonic C2-channel creates new ways to bypass target\u2019s security mechanisms.", "language": "en", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.abstract", "value": "Tutkielmassa luotiin tavallisissa ty\u00f6asemissa toimiva komentokanava ultra\u00e4\u00e4nt\u00e4 k\u00e4ytt\u00e4en ja selvitettiin, onko ultra\u00e4\u00e4ni varteenotettava menetelm\u00e4 \u201dair-gap\u201d-eristetyn kohteen komentamiseen. N\u00e4in pyrittiin lis\u00e4\u00e4m\u00e4\u00e4n tietoa vaihtoehtoisten tiedonsiirtomenetelmien k\u00e4yt\u00f6st\u00e4 \u201dair-gap\u201d-eristyksen ylitt\u00e4miseen ja tuomaan esille mahdollisia uusia uhkia, joita korkean profiilin kohteissa olisi hyv\u00e4 huomioida.\nTutkimusmenetelm\u00e4n\u00e4 oli suunnittelututkimus, joka k\u00e4yt\u00e4nn\u00f6n tasolla toteutettiin suorittamalla mittauksia ja testej\u00e4 ultra\u00e4\u00e4nikomentokanavaa varten suunnitellun ohjelmiston avulla. Testien tulosten pohjalta ohjelmistoa kehitettiin, jotta ultra\u00e4\u00e4nikomentokanavan mahdollisuudet ja rajat saatiin selville.\nUltra\u00e4\u00e4nell\u00e4 toteutetun komentokanavan potentiaalia kasvatettiin muun muassa mahdollistamalla komentokanavan toiminta mesh-periaatteella ja etsim\u00e4ll\u00e4 parasta taajuutta kantaman ja datansiirtonopeuden kompromissiksi. Erilaisten lis\u00e4laitteiden vaikutuksia komentokanavaan testattiin niiden riskien ja mahdollisuuksien selvitt\u00e4miseksi. Komentokanavalle luotiin my\u00f6s integraatio Cobalt Strikeen, joka on tunnettu komentokanavien k\u00e4ytt\u00f6\u00f6n suunniteltu ohjelmistokehys. T\u00e4t\u00e4 kautta lis\u00e4ttiin komentokanavan ominaisuuksia ja selvitettiin, onko valmiin ohjelmistokehyksen k\u00e4ytt\u00f6 ultra\u00e4\u00e4nell\u00e4 toimivan komentokanavan kanssa j\u00e4rkev\u00e4\u00e4.\nTutkielman testeiss\u00e4 saatiin selville, ett\u00e4 suurin vaikuttava tekij\u00e4 komentokanavan toimintaan oli k\u00e4yt\u00f6ss\u00e4 oleva laitteisto eli komentavan laitteen ja kohteen kaiuttimet ja mikrofonit. Kahden laitteen v\u00e4lill\u00e4 kantama oli 2\u20136 metri\u00e4 ja tiedonsiirtonopeus noin 25 tavua sekunnissa, mik\u00e4 mahdollistaa lyhyiden komentojen nopean suorittamisen, mutta rajoittaa esimerkiksi datan varastamista huomattavasti. Mesh-tekniikalla kantamaa voidaan kasvattaa merkitt\u00e4v\u00e4sti, mutta t\u00e4ll\u00f6in my\u00f6s komentokanavan viive lis\u00e4\u00e4ntyy ja mesh-toteutuksen implementointi reaalimaailmassa on haastavaa.\nTutkielman lopputulokseksi saatiin, ett\u00e4 ultra\u00e4\u00e4ni on varteenotettava keino komentokanavan luomiseen ja \u201dair-gap\u201d-eristyksen ylitt\u00e4miseen. Menetelm\u00e4 lis\u00e4\u00e4 hy\u00f6kk\u00e4\u00e4j\u00e4n mahdollisuuksia vaikuttaa kohteeseen, mutta edellytt\u00e4\u00e4 kuitenkin p\u00e4\u00e4sy\u00e4 kohteen l\u00e4helle. Etenkin kohteen sis\u00e4isille haitallisille toimijoille menetelm\u00e4 luo uusia mahdollisuuksia turvamekanismien ohittamiseen.", "language": "fi", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted by jyx lomake-julkaisija (jyx-julkaisija.group@korppi.jyu.fi) on 2024-12-13T09:14:13Z\nNo. of bitstreams: 0", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Made available in DSpace on 2024-12-13T09:14:13Z (GMT). No. of bitstreams: 0", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.format.extent", "value": "74", "language": null, "element": "format", "qualifier": "extent", "schema": "dc"}, {"key": "dc.format.mimetype", "value": "application/pdf", "language": null, "element": "format", "qualifier": "mimetype", "schema": "dc"}, {"key": "dc.language.iso", "value": "fin", "language": null, "element": "language", "qualifier": "iso", "schema": "dc"}, {"key": "dc.rights", "value": "In Copyright", "language": "en", "element": "rights", "qualifier": null, "schema": "dc"}, {"key": "dc.title", "value": "Tuntematon yhteys: \u201dAir-gap\u201d-eristetyn kohteen komentaminen ultra\u00e4\u00e4nell\u00e4", "language": null, "element": "title", "qualifier": null, "schema": "dc"}, {"key": "dc.type", "value": "master thesis", "language": null, "element": "type", "qualifier": null, "schema": "dc"}, {"key": "dc.identifier.urn", "value": "URN:NBN:fi:jyu-202412137819", "language": null, "element": "identifier", "qualifier": "urn", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Faculty of Information Technology", "language": "en", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Informaatioteknologian tiedekunta", "language": "fi", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "University of Jyv\u00e4skyl\u00e4", "language": "en", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "Jyv\u00e4skyl\u00e4n yliopisto", "language": "fi", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Master's Degree Programme in Cyber Security", "language": "en", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Kyberturvallisuuden maisteriohjelma", "language": "fi", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.type.coar", "value": "http://purl.org/coar/resource_type/c_bdcc", "language": null, "element": "type", "qualifier": "coar", "schema": "dc"}, {"key": "dc.rights.copyright", "value": "\u00a9 The Author(s)", "language": null, "element": "rights", "qualifier": "copyright", "schema": "dc"}, {"key": "dc.rights.accesslevel", "value": "openAccess", "language": null, "element": "rights", "qualifier": "accesslevel", "schema": "dc"}, {"key": "dc.type.publication", "value": "masterThesis", "language": null, "element": "type", "qualifier": "publication", "schema": "dc"}, {"key": "dc.format.content", "value": "fulltext", "language": null, "element": "format", "qualifier": "content", "schema": "dc"}, {"key": "dc.rights.url", "value": "https://rightsstatements.org/page/InC/1.0/", "language": null, "element": "rights", "qualifier": "url", "schema": "dc"}]
|