Politecnico di Torino (logo)

Design of Remote Service Infrastructures for Hardware-based Capture-the-Flag Challenges

Luca Marongiu, Mauro Perra

Design of Remote Service Infrastructures for Hardware-based Capture-the-Flag Challenges.

Rel. Paolo Ernesto Prinetto. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2021

PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (3MB) | Preview

In recent years, digital technologies have surrounded us in all aspects of everyday life. With such a large amount of data produced and exchanged, the cybersecurity topic has become fundamental, given the strong demand for protecting sensitive information about our private sphere. The rapid growth of this process led to a request for security experts which is certainly oversized if compared to the current available workforce. For this reason, the community tries to involve and train as many people as possible, sometimes experimenting with innovative learning methods that are oriented to gaming and point achievement. This is the case of Capture-the-Flag (CTF) competitions, where participants are asked to deal with real practical examples related to IT security issues, which embed the solution to be achieved through known cyber attack (or defense) techniques. In the current panorama, most of the CTF challenges are more focused to software or network security problems, mainly because they are well supported by a consolidated research branch. Unfortunately, the same does not occur for hardware security, which has emerged in all its importance only in very recent times. In fact, the hardware is at the base of any computing system, and if the security of the electronic components of the systems is not addressed, this can result in the possible ineffectiveness of the protections applied in the overlying software layers. To provide adequate awareness and education for the security threats to which these components are subject, the related CTF challenges should targeting participants with certain skills in the hardware domain, such as knowledge of hardware description languages, or basics of digital hardware design and synthesis. Furthermore, a knowledge of the most common hardware vulnerabilities is required to challengers for solving the challenges. The purpose of this thesis is to help filling the hardware-based challenges gap by developing two environments capable of offering hardware-based challenges as remote services. The environments designed in this thesis exploit the usage of physical hardware devices connected to remote machines, or Electronic Design Automation (EDA) tools for simulating described hardware. The document provides an overview of CTF competitions and the current lack of hardware challenge offerings in major competitions. After that, a description of the service architecture and its possibilities is offered. Significant practical examples of use of the platform are also presented, together with the first experimental data related to the impact from the point of view of resources. The thesis is the result of a joint work between Luca Marongiu who wrote Chapters 1, 2, 5 and appendices A, C, and Mauro Perra who wrote Chapters 3, 4, 6, 7 and appendices B, D.

Relators: Paolo Ernesto Prinetto
Academic year: 2021/22
Publication type: Electronic
Number of Pages: 84
Corso di laurea: Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)
Classe di laurea: New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING
Aziende collaboratrici: UNSPECIFIED
URI: http://webthesis.biblio.polito.it/id/eprint/21134
Modify record (reserved for operators) Modify record (reserved for operators)