In this paper, we present a comprehensive implementation of the RollJam attack using Software-Defined Radios (SDR), offering a detailed exploration of the practical aspects and implications of this wireless security vulnerability. The RollJam attack, initially introduced by Samy Kamkar in 2015, exploits weaknesses in rolling code-based keyless entry systems, allowing unauthorized access to vehicles and other secure environments. Our research focuses on the development and deployment of a RollJam device leveraging SDR technology, enabling a cost-effective and versatile implementation for security researchers and practitioners. We discuss the intricacies of the attack methodology, including the jamming of radio frequency signals during key fob transmissions, recording and storing valid codes, and executing replay attacks to gain unauthorized access. To provide a realistic evaluation of the RollJam attack's viability, we conduct experiments on a range of devices equipped with rolling code-based systems, and we analyze the effectiveness of the attack on various implementations and variations of keyless entry systems.
Stabili, D., Valgimigli, F., Bocchi, T., Veronesi, F., Marchetti, M. (2024). Implementing and testing RollJam on Software-Defined Radios. CEUR-WS.
Implementing and testing RollJam on Software-Defined Radios
Stabili D.
;
2024
Abstract
In this paper, we present a comprehensive implementation of the RollJam attack using Software-Defined Radios (SDR), offering a detailed exploration of the practical aspects and implications of this wireless security vulnerability. The RollJam attack, initially introduced by Samy Kamkar in 2015, exploits weaknesses in rolling code-based keyless entry systems, allowing unauthorized access to vehicles and other secure environments. Our research focuses on the development and deployment of a RollJam device leveraging SDR technology, enabling a cost-effective and versatile implementation for security researchers and practitioners. We discuss the intricacies of the attack methodology, including the jamming of radio frequency signals during key fob transmissions, recording and storing valid codes, and executing replay attacks to gain unauthorized access. To provide a realistic evaluation of the RollJam attack's viability, we conduct experiments on a range of devices equipped with rolling code-based systems, and we analyze the effectiveness of the attack on various implementations and variations of keyless entry systems.| File | Dimensione | Formato | |
|---|---|---|---|
|
paper40.pdf
accesso aperto
Tipo:
Versione (PDF) editoriale / Version Of Record
Licenza:
Licenza per Accesso Aperto. Creative Commons Attribuzione (CCBY)
Dimensione
1.65 MB
Formato
Adobe PDF
|
1.65 MB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
