DEPARTMENT OF COMPUTER SCIENCE AND

ENGINEERING

OPERATING SYSTEMS - CS235AI

REPORT

Submitted by

ADITYA SHARMA 1RV22CY006

ARYAN CHATURVEDI 1RV22CY014
MEHAR KULKARNI 1RV22CY039
TANISHA AGARWAL 1RV22CY057

Dr. Minal Moharir

HoD of Computer Science(Cyber Security) Engineering,
RV College of Engineering®, Bengaluru, India

Computer Science and Engineering

2023-2024
INTRODUCTION:
The rise of smart cities has led to the adoption of intelligent transportation systems, including
smart traffic signal management. These systems promise improved traffic flow, reduced
congestion, and enhanced road safety. However, with increased connectivity comes
heightened cybersecurity risks. Conducting vulnerability assessments on smart traffic
systems is crucial to identify and mitigate potential threats, ensuring the reliability and
security of urban transportation infrastructure. This report explores the vulnerability
assessment of a prototype smart traffic signal management system, outlining discovered
vulnerabilities and recommending mitigation measures to strengthen its security posture.

SYSTEM ARCHITECTURE:
The components used are:
Traffic LED Signals
Raspberry Pi (central control unit
GPON router (network access)
Attacker Device - Linux / Windows Machine
Jumper Wires
Breadboard

The Raspberry Pi acts as the brain of the system, running the necessary software for traffic
signal control and communication with external devices. It interfaces with the traffic signals
through GPIO (General Purpose Input/Output) pins to send control commands. The system is
accessible remotely via SSH (Secure Shell) for administration and monitoring purposes. SSH
allows authorized users to securely access the Raspberry Pi over the network, facilitating
configuration, maintenance, and troubleshooting. Additionally, the system is connected to a
GPON (Gigabit Passive Optical Network) home gateway/router for network connectivity.
The GPON router serves as the entry point to the system's network and provides internet
access, enabling remote access and data exchange. This architecture enables traffic
monitoring and control while facilitating remote management and configuration. However, it
also introduces potential vulnerabilities that need to be assessed and addressed to ensure the
security and reliability of the smart traffic signal management system.
METHODOLOGY:

This section details the steps taken to assess the security of the prototype smart traffic signal
system:
1. Initial Access:
The assessment began by identifying the Raspberry Pi's IP address through the GPON home
gateway. This IP address was used to establish a connection via SSH, the Secure Shell
protocol. We used the command ssh [email protected] to connect to our Raspberry Pi
over our computer network. We successfully leveraged the weak SSH Vulnerability to gain
unauthorized access.

Fig1. GPON Home Gateway

Fig2. GPON Home Gateway>Home>List of Devices

Fig3. Successful Raspberry Pi access on Terminal

Fig4. Successful Raspberry Pi access

2. Maintaining Access and Exploring Capabilities:

To demonstrate file system manipulation capabilities, a temporary file named "test.txt" was
created using the "nano" text editor. The file was then deleted using the "rm" command. This
showcases the potential for unauthorized modification of critical system files.

Fig5. Addition of test.txt file from the attacking device

Fig6. File successfully added

Fig7. File content

Fig8. File removed by the attacker

3. Impact Assessment - Remote Shutdown:

A significant vulnerability discovered is the ability to remotely shut down the Raspberry Pi using
sudo shutdown -h now --. This command, with administrative privileges, allows an attacker to
immediately halt the system's operation. This could lead to traffic disruptions, data loss, and
potential safety hazards due to malfunctioning traffic signals.
Fig 9. Attacker gained the access to the file where the code was stored for traffic control

Fig10. Malicious code that we injected to hack the system

SYSTEM CALLS USED:

Here is the list of system calls used throughout the execution.

 SSH Connection:

o Making the Connection:

 socket: Creates a communication channel like a virtual tunnel.

 connect: Establishes the connection to the Raspberry Pi using the IP address.

 gethostbyname or getaddrinfo: Translates the hostname (if used) into the

numerical IP address.

o Authentication:

 open, read, write: These handle tasks like reading private keys (if used) and

sending login credentials.

 Sudo Execution:
 o Forking and Executing:

 fork: Creates a copy of the current process, allowing sudo to run the

shutdown command with elevated privileges.

 execve: Replaces the current process with the shutdown program ( shutdown).

 Shutdown Command:

o System Halt:

 reboot or halt: Initiates the system shutdown process, preparing the system

for a safe power off.

 Text File Editing with Nano:

o File Manipulation:

 open, read, write: These are the workhorses, enabling nano to open the file,

read its content, and write any changes made.

o Terminal Control:

 ioctl: This system call allows nano to interact with the terminal device,

managing the text editor's interface elements like displaying text and

handling user input.

 File Deletion with rm:

o File Removal:

 unlink: This call removes the specified file from the file system, essentially

deleting it.

RESULT:
Attacker gained the access to the file where the code was stored for the traffic light
management system. The vulnerability assessment of the smart traffic signal management
system prototype revealed critical security weaknesses, including default credentials,
unrestricted SSH access, weak Wi-Fi security, and insufficient file permissions. These
findings underscore the importance of prioritizing security measures to safeguard against
potential threats and ensure the integrity and reliability of the system. By implementing the
recommended mitigation strategies, stakeholders can mitigate risks and enhance the security
posture of the traffic signal management system, thereby enabling safe and efficient traffic
operations in the future.

Fig11. Prototype

Fig12. System connected to Raspberry Pi shuts down

CONCLUSION:
The vulnerabilities discovered in the smart traffic signal management system prototype
represent critical weaknesses that could potentially compromise the security and functionality
of the entire system. These vulnerabilities, if left unaddressed, have the potential to expose the
system to unauthorized access, manipulation, and disruption, posing serious risks to the safety
and efficiency of traffic management operations. It is crucial to prioritize the implementation
of the recommended mitigation measures to address these vulnerabilities promptly. By
proactively strengthening security measures, stakeholders can fortify the system against
potential threats, safeguarding its integrity and reliability. This proactive approach ensures
that the smart traffic signal management system remains resilient and capable of facilitating
safe and efficient traffic flow management operations, thereby enhancing overall
transportation safety and efficiency.
REFERENCES:
B. E B, A. M, S. G, D. Jose and H. J. Magadum, "Intelligent Traffic Monitoring and
Management System," 2023 International Conference on Computer, Electronics & Electrical
Engineering & their Applications (IC2E3), Srinagar Garhwal, India, 2023, pp. 1-5, doi:
10.1109/IC2E357697.2023.10262689.
N. Jain, R. Parwanda and A. Chauhan, "Real-Time Smart Traffic Control and Simulation: An
Approach for Urban Congestion Management," 2023 IEEE IAS Global Conference on
Emerging Technologies (GlobConET), London, United Kingdom, 2023, pp. 1-6, doi:
10.1109/GlobConET56651.2023.10150057.
R. H. Goudar and H. N. Megha, "Next generation intelligent traffic management system and
analysis for smart cities," 2017 International Conference On Smart Technologies For Smart
Nation (SmartTechCon), Bengaluru, India, 2017, pp. 999-1003, doi:
10.1109/SmartTechCon.2017.8358521.
M. M. Abo-Zahhad, "A Methodology for the Design of IoT-Based Intelligent Vehicular
Management Systems in Smart Cities," 2022 10th International Japan-Africa Conference on
Electronics, Communications, and Computations (JAC-ECC), Alexandria, Egypt, 2022, pp.
181-185, doi: 10.1109/JAC-ECC56395.2022.10044014.