master_thesis/Chapters/Introduction.tex
nb72soza Bittner f47e437398 Update on Overleaf.
2025-06-29 16:20:47 +00:00

% !TeX root = ../Thesis.tex
%************************************************
\chapter{Introduction}\label{ch:introduction}
%************************************************
\glsresetall % Resets all acronyms to not used
% today's society is connected
% all devices, i.e. smartphones, IoT devices, vehicles, are connected and often have a SIM -> connect to cellular networks
% the first phones supporting eSIMs were released in 2016, with the iPhone that supports eSIM being released in 2018
% in recent years: eSIMs became more and more popular in such applications
% advantages: no need to switch out hardware when getting a new phone contract, easier to switch out the profile when going to a foreign country and getting a temporary phone contract (or something similar)
% adoption of eSIM technology is increasing rapidly due to its flexibility, remote provisioning capability, and suitability for IoT and mobile devices
% most newly released phones support eSIMs -> new attack vector for adversaries
% people with older hardware, i.e. no eSIM support by their phone, are left out -> introduction of eSIM on SIM
% esim.me marketed their eSIM on SIM as "worlds first eSIM Card" with their launch in 2020
% eSIM on SIM enables old phones to use eSIM via the SIM slot or other applications
\section{Motivation}
% the eSIM standard is developed by the GSMA, ETSI and 3GPP -> security was built into the design from the ground up
% other researchers have already looked at the specs in depth (cite papers here)
% implementation of the eSIM firmware is still up to the manufacturers, which develop their own versions -> possibility of vulnerabilities in their implementations
% lack of formal security evaluation
% security vulnerabilities can have a major impact -> persistence of exploits is high: malicious profiles may persist across reboots or even device resets; often low level and invisible -> particularly dangerous and hard to detect
% SIMs have direct, privileged, unfiltered access to the baseband
% non-standard implementations may introduce bugs or security flaws
% eSIM specs may have been interpreted differently by the different vendors
% differential testing offers an automated and scalable method to detect inconsistencies in the different implementations -> comparing the output of multiple eSIM on SIM implementations against the same inputs
\section{Contribution}
% implement a framework for differential testing of eSIMs (eSIMs and eSIM on SIM)
% containing: fuzzing of structural input when communicating with the eSIM, fuzzing on transport level, tracing and replaying recordings from one eSIM to another; make it accessible via CLI and as a library for scripting
% using the tracing functionality we discover first differences between the implementations
% reverse engineer the update functionality of the estk.me eSIM
% demonstrate the framework's ability in security research:
% discover and evaluate a bug in the profile provisioning process of one manufacturer -> evaluate the impact
\section{Outline}