sponsors
usenix conference policies
Automated Reverse Engineering using Lego®
Georg Chalupar and Stefan Peherstorfer, University of Applied Sciences Upper Austria; Erik Poll and Joeri de Ruiter, Radboud University Nijmegen
State machine learning is a useful technique for automating reverse engineering. In essence, it involves fuzzing different sequences of inputs for a system. We show that this technique can be successfully used to reverse engineer hand-held smartcard readers for Internet banking, by using a Lego robot to operate these devices. In particular, the state machines that are automatically inferred by the robot reveal a security vulnerability in one such a device, the e.dentifier2, that was previously discovered by manual analysis, and confirm the absence of this flaw in an updated version of this device.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Georg Chalupar and Stefan Peherstorfer and Erik Poll and Joeri de Ruiter},
title = {Automated Reverse Engineering using {Lego{\textregistered}}},
booktitle = {8th USENIX Workshop on Offensive Technologies (WOOT 14)},
year = {2014},
address = {San Diego, CA},
url = {https://www.usenix.org/conference/woot14/workshop-program/presentation/chalupar},
publisher = {USENIX Association},
month = aug,
}
connect with us