Javascript must be enabled for the correct page display

Fuzzing the Near Field Communication Data Exchange Format

Kits, J. (2014) Fuzzing the Near Field Communication Data Exchange Format. Master's Thesis / Essay, Computing Science.

[img] Text
Master_Thesis_-_Jory.pdf - Published Version
Restricted to Registered users only

Download (3MB)
[img] Text
toestemming.pdf - Other
Restricted to Backend only

Download (25kB)


Near Field Communication (NFC) is a short-range wireless Radio-frequency identification (RFID) technology capable of transmitting data. The NFC industry has proliferated over the past years, with almost everyone using smartphones that include NFC technology. Of all the NFC devices manufactured, 4 out of 5 run on Android; providing a robust and reliable standard for data formation and communication on Android devices is thus relevant. The NFC Forum, which was formed to advance and standardize the use of NFC technology, released specifications, which formulates the main communication flows between NFC devices by providing data formatting options. In this thesis, a generation-based fuzzing application is developed which focuses on validating these specifications on the Android NFC API (16) implementation by intelligently producing malformed NDEF messages. The testing method presented here optimizes its tests using a systematic analysis of the NDEF data format and the dependencies within the format. Through these analyses, efficient test sets were derived to maximize their likelihood of finding incorrect or unexpected behavior. The results revealed several bugs in the implementation of Android’s NFC API, and of these several bugs one theoretical illicit scenario is derived which combines data of a valid message with a malicious message by utilizing a bug in the Android API. Furthermore, in our opinion, the NFC specification documents contain limitations in the form of inaccuracies, inefficiencies, overlapping statements and unnecessary overhead. In this thesis, optimizations for these aspects are proposed.

Item Type: Thesis (Master's Thesis / Essay)
Degree programme: Computing Science
Thesis type: Master's Thesis / Essay
Language: English
Date Deposited: 15 Feb 2018 08:01
Last Modified: 14 May 2018 07:29

Actions (login required)

View Item View Item