On this page, you can find results produced from the Threat MOVE project.

Threat MOVE partners consist of KTH Royal Institute of Technology, Foreseeti AB, Volvo Cars, Scania, and F-Secure

 

Work package 2 – Framework

Paper: Wenjun Xiong and Robert Lagerström, “Threat Modeling: A Systematic Literature Review,” Computers & Security, 2019.

Bachelor thesis: Nagy & K. Thai, “Investigating Traditional Software Testing Methods For Use With The Meta Attack Language,” KTH Royal Institute of Technology, School of Electrical Engineering and Computer Science, 2020.

 

Work package 3 – Domain-specific language

Paper: Sotirios Katsikeas, Pontus Johnson, Simon Hacks, and Robert Lagerström, “Probabilistic Modeling and Simulation of Vehicular Cyber Attacks: An Application of the Meta Attack Language,” in the Proc. of the 5th International Conference on Information Systems Security and Privacy (ICISSP), Feb. 2019.

Paper: Wenjun Xiong and Robert Lagerström, “Threat Modeling of Connected Vehicles: A privacy analysis and extension of vehicleLang,” in the Proc. of the IEEE Cyber Science conference, June 2019.

Master thesis: Sotirios Katsikeas, “vehicleLang: a probabilistic modelling and simulation language for vehicular cyber attacks,” KTH Royal Institute of Technology, School of Electrical Engineering and Computer Science, Master Thesis, 2018.

Master thesis: Asmelash Girmay Mesele, AUTOSARLang: “Threat Modeling and Attack Simulation for Vehicle Cybersecurity,” KTH Royal Institute of Technology, School of Electrical Engineering and Computer Science, Master Thesis, 2018.

Bachelor thesis: Love Almgren & Johan Holm Åström, ”Probabilistic modelling and attack simulations on AWS Connected Vehicle Solution: An Application of the Meta Attack Language,” Bachelor thesis, KTH Royal Institute of Technology, 2019.

Language implementation: vechicleLang on GitHub

Language implementation: autosarLang on Github

 

Work package 4 – Implementation

securiCAD (supporting MAL-based languages incl. vehicleLang)

 

Work package 5 – Testing and validation

Paper: Wenjun Xiong, Fredrik Krantz, and Robert Lagerström, “Threat modelling and attack simulations of connected vehicles: a research outlook,” in the Proc. of the 5th International Conference on Information Systems Security and Privacy (ICISSP), Feb. 2019.

Master thesis: Nedo Skobalj, “Validating vehicleLang for Domain-specific Threat Modelling of In-vehicle Network,” KTH Royal Institute of Technology, School of Electrical Engineering and Computer Science, Master Thesis, 2019.

Master thesis: Willem van der Schoot, “Validating vehicleLang, a domain-specific threat modelling language, from an attacker and industry perspective,”  KTH Royal Institute of Technology, School of Electrical Engineering and Computer Science, 2020.

Bachelor thesis: Fredrik Krantz (supervisor: Associate prof. Robert Lagerström), “Modelling and Security Analysis of Internet Connected Cars,” KTH Royal Institute of Technology, School of Electrical Engineering and Computer Science, Bachelor Thesis, 2018.

 

Work package 6 – Tool chain integration

Paper: Margus Välja, Fredrik Heiding, Robert Lagerström, and Ulrik Franke, “Automating threat modeling using an ontology framework,” in Cybersecurity, Springer Open journal, 2020.

Technical report: Nikolaos Kakouros and Robert Lagerström, “ISO/SAE 21434 support in MAL/securiCAD,” KTH Royal Institute of Technology, 2020.

 

Work package 7 – Vehicle specific security parameters

Paper: Wenjun Xiong, Melek Gülsever, Koray Mustafa Kaya, and Robert Lagerström, “A Study of Security Vulnerabilities and Software Weaknesses in Vehicles,” in the proceedings of the 24th Nordic Conference on Secure IT Systems (NordSec), 2019.

Paper: Joakim Loxdal, Måns Andersson, Simon Hacks, and Robert Lagerström, “Why Phishing Works on Smartphones: A Preliminary Study,” IEEE Hawaii International Conference on System Sciences (HICSS-54), 2020.

Paper: Fredrik Heiding and Robert Lagerström, “Ethical Principles for conducting responsible offensive security training,” IFIP Summer School on Privacy and Identity Management, 2020.

Master thesis: Madeleine Berner, “Where’s My Car? Ethical Hacking of a Smart Garage,” KTH Royal Institute of Technology, School of Electrical Engineering and Computer Science, 2020.

Bachelor thesis: Simon Carlsson and Max Näf (supervisor: Prof. Pontus Johnson), “Internet of Things Hacking,” KTH Royal Institute of Technology, School of Electrical Engineering and Computer Science, Bachelor Thesis, 2018.

Bachelor thesis: Gustav Marstorp and Hannes Lindström (supervisor: Prof. Pontus Johnson), “Security Testing of an OBD-II Connected IoT Device,” KTH Royal Institute of Technology, School of Electrical Engineering and Computer Science, Bachelor Thesis, 2018.

Bachelor thesis: Ludvig Christensen and Daniel Dannberg, ”Ethical hacking of IoT devices: OBD-II dongles,” Bachelor thesis, KTH Royal Institute of Technology, 2019.

Bachelor thesis: Aldin Burdzovic and Jonathan Matsson, ” IoT Penetration Testing: Security analysis of a car dongle,” Bachelor thesis, KTH Royal Institute of Technology, 2019.

Bachelor thesis: Koray Kaya, ”A Study of Vulnerabilities and Weaknesses in Connected Cars,” Bachelor thesis, KTH Royal Institute of Technology, 2019.

Bachelor thesis: Melek Gülsever, ”A Study on Vulnerabilities in Connected Cars,” Bachelor thesis, KTH Royal Institute of Technology, 2019.

Bachelor thesis: S. Berglund & O. Eklund, “Spreading a computer worm over connected cars,” KTH Royal Institute of Technology, School of Electrical Engineering and Computer Science, 2020.

Bachelor thesis: J. Loxdal & M. Andersson, “Why Phishing Works on Smartphones,”  KTH Royal Institute of Technology, School of Electrical Engineering and Computer Science, 2020.

 

Work package 8 – Outreach
Vulnerabilities (CVEs):
Ludvig Christensen, Daniel Dannberg, Pontus Johnson, and Robert Lagerström, CVE-2019-12797, Vulnerability in a clone version of an ELM327 OBD2 Bluetooth device, hardcoded PIN leading to arbitrary commands to an OBD-II bus of a vehicle.

Aldin Burdzovic and Jonathan Matsson, CVE-2019-12941, AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the device.

CVE-2020-13119  – ismartgate PRO 1.5.9 is vulnerable to clickjacking. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2020-12843  – ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2020-12842  – ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2020-12841  – ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2020-12840  – ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2020-12839  – ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2020-12838  – ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2020-12837  – ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2020-12282  – iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.) Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2020-12281 – iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2020-12280  – iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

 

News:

Svt https://www.svt.se/nyheter/vetenskap/din-garageport-blir-kriminell

Svt https://www.svt.se/nyheter/varningen-uppkopplade-bilar-kan-hackas-och-tas-over

KTH News www.kth.se/aktuellt/nyheter/kth-utbildar-skolelever-i-it-sakerhet-1.1010356

Expressen https://www.expressen.se/dinapengar/sa-stor-ar-risken-att-din-bil-hackas/

Dagens Industri TV Motor https://www.di.se/ditv/motor/di-tv-motor-21-november—se-hela-programmet/

DagensNyheter https://www.dn.se/ekonomi/motor/uppkopplingen-gor-bilen-smartare-men-hackare-kan-ta-kontroll-over-ratten/

DagensNyheter https://www.dn.se/ekonomi/motor/uppkoppling-for-aldre-bil-oppen-for-hackning/

Metro https://www.metro.se/nyheter/forskaren:-dina-hushallsprylar-kan-hackas-och-anvandas-emot-dig-DffDLf8e2

KTH News https://www.kth.se/aktuellt/nyheter/nar-robotdammsugaren-spionerar-pa-dig-1.898460

SR Studio 1 https://sverigesradio.se/sida/artikel.aspx?programid=1637&artikel=7293986

NyTeknik om Threat MOVE https://www.nyteknik.se/digitalisering/foreseetis-kod-ska-skydda-uppkopplade-bilar-fran-hackare-6892180

 

Meetings and conferences:

Robert Lagerström presented threat modeling and ethical hacking at Stora Elektronikdagen(www.smartareelektroniksystem.se/event/summit-2020/) 2020-09-10.

PhD student Sotirios Katsikeas presented a threat modeling language at GraMSec (https://www.gramsec.uni.lu) 2020-06-22.

PhD student Fredrik Heiding presented Ethical principles for hacking education at the IFIP summer school (https://www.ifip-summerschool.org) 2020-09-21

Foreseeti and/or KTH have been presenting vehicleLang and securiCADCar for several non ThreatMOVE participants during the spring 2020, incl. Daimler, AB Volvo, and Copperhorse.

PhD student Wenjun Xiong presented a paper at the 24th Nordic Conference on Secure IT Systems in Aalborg Denmark, 2019-11-19.

Autosec FFI conference in Stockholm at RISE, Threat MOVE presented by Robert Lagerström (KTH), Niklas Wiberg (Scania, and Per Eliasson (foreseeti), 2019-10-10.

PhD student Wenjun Xiong presented a paper at the IEEE Cyber Science conference in Oxford UK, 2019-06-03.

Car security seminar at KTH, arranged by Dex, Robert Lagerström (KTH) and Per Eliasson (foreseeti) presented Threat MOVE, 2019-05-20.

KTH PhD students Sotirios Katsikeas and Wenjun Xiong presented Threat MOVE work at the 5th International Conference on Information Systems Security and Privacy (ICISSP) in February 2019.

Robert Lagerström presented at the Hawaii International Conference on System Sciences (HICSS) January 2019.

Threat MOVE presented by Per Eliasson (Foreseeti) at the Autosec meeting in Gothenburg https://autosec.se/ffi-autosec-conference-2018/

Educational seminar on threat modeling at the eCrime congress in Frankfurt, 2018-01-24.

Per Eliason (foreseeti), Nikolaos Kakouros (KTH) and Niklas Wiberg (Scania) presented the Threat MOVE project at the annual AutoSec (DEx) conference.

The paper ”Why Phishing Works on Smartphones: A Preliminary Study” was presented at the 54th Hawaii International Conference on System Sciences (HICSS) 2021. (https://hicss.hawaii.edu)

The short paper “Detecting plagiarism in penetration testing education” was presented as a poster at Nordsec 2020. (https://nordsec2020.on.liu.se)

 

Podcasts:
Robert Lagerström, KTH, participated in Podcast about communication – robots, cancer cells and cyber security, 2018-03-16.

Robert Lagerström, KTH, participated in Podcast about IT security with RadioScience, 2018-04-20.

 

VideoCybersecurity and ethical hacking of connected vehicles

 

Popular Science:
Young Academy of Sweden, Ett kalejdoskop av kunskap, Santérus Förlag, 2019.
– Robert Lagerström, “En stundande cyberepidemi?”

Young Academy of Sweden, Forskardrömmar – Berättelser för nyfikna barn, Fri Tanke, 2021. (https://fritanke.se/bocker/forskardrommar/)

  • Robert Lagerström, initiator and author
Facebooktwitterredditlinkedinmail