Security Analysis of the 3MF Data Format
J. Rossel, V. Mladenov, J. Somorovsky, in: Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, ACM, 2023.
Download
Conference Paper
| Published
| English
Author
Department
Abstract
3D printing is a well-established technology with rapidly increasing usage scenarios both in the industry and consumer context. The growing popularity of 3D printing has also attracted security researchers, who have analyzed possibilities for weakening 3D models or stealing intellectual property from 3D models. We extend these important aspects and provide the first comprehensive security analysis of 3D printing data formats. We performed our systematic study on the example of the 3D Manufacturing Format (3MF), which offers a large variety of features that could lead to critical attacks. Based on 3MF’s features, we systematized three attack goals: Data Exfiltration (dex), Denial of Service, and UI Spoofing (uis). We achieve these goals by exploiting the complexity of 3MF, which is based on the Open Packaging Conventions (OPC) format and uses XML to define 3D models. In total, our analysis led to 352 tests. To create and run these tests automatically, we implemented an open-source tool named 3MF Analyzer (tool), which helped us evaluate 20 applications.
Publishing Year
Proceedings Title
Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses
Conference
26th International Symposium on Research in Attacks, Intrusions and Defenses
Conference Location
Hongkong
Conference Date
2023-10-16 – 2023-10-18
LibreCat-ID
Cite this
Rossel J, Mladenov V, Somorovsky J. Security Analysis of the 3MF Data Format. In: Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses. ACM; 2023. doi:10.1145/3607199.3607216
Rossel, J., Mladenov, V., & Somorovsky, J. (2023). Security Analysis of the 3MF Data Format. Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses. 26th International Symposium on Research in Attacks, Intrusions and Defenses, Hongkong. https://doi.org/10.1145/3607199.3607216
@inproceedings{Rossel_Mladenov_Somorovsky_2023, title={Security Analysis of the 3MF Data Format}, DOI={10.1145/3607199.3607216}, booktitle={Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses}, publisher={ACM}, author={Rossel, Jost and Mladenov, Vladislav and Somorovsky, Juraj}, year={2023} }
Rossel, Jost, Vladislav Mladenov, and Juraj Somorovsky. “Security Analysis of the 3MF Data Format.” In Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses. ACM, 2023. https://doi.org/10.1145/3607199.3607216.
J. Rossel, V. Mladenov, and J. Somorovsky, “Security Analysis of the 3MF Data Format,” presented at the 26th International Symposium on Research in Attacks, Intrusions and Defenses, Hongkong, 2023, doi: 10.1145/3607199.3607216.
Rossel, Jost, et al. “Security Analysis of the 3MF Data Format.” Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, ACM, 2023, doi:10.1145/3607199.3607216.
All files available under the following license(s):
Copyright Statement:
This Item is protected by copyright and/or related rights. [...]
Main File(s)
File Name
Access Level
Open Access
Last Uploaded
2024-09-05T11:14:40Z
Link(s) to Main File(s)
Access Level
Closed Access
Google Scholar