OALib Journal期刊
ISSN: 2333-9721
费用：99美元

投递稿件

查看量	下载量

相关文章
更多...

- 2017

基于结构化特征库的递进式固件格式解析 Structured Feature Library-Based Progressive Firmware Format Parsing

朱晓东,尹青,常瑞,张胜桥

Keywords: 嵌入式设备安全,固件格式解析,特征匹配,结构化特征库,递进式

Full-Text Cite this paper Add to My Lib

Abstract:

提出了一种基于结构化特征库的递进式固件格式解析方法,通过建立常见固件格式结构化特征库,采用递进式的特征匹配算法,对固件格式进行自动化解析,能够获取指令集、引导代码、内核、文件系统、压缩算法、校验机制等关键信息,并剥离出固件的各部分代码,提取固件提供的函数库、交叉编译器版本等有用信息.对10款不同设备固件进行了自动化分析,均能够准确识别固件的各项关键信息,实验结果表明该方法具有较好的适用性

References

[1]	DELUGRG.Closer to Metal:Reverse-Engineering the Broadcom NetExtreme’s Firmware[R/OL].[2015-10-25].http://esec-lab.sogeti.com/static/publications/10-hack.lu-nicreverse_slides.pdf.
[2]	ZADDACH J,COSTIN A.Embedded Devices Security and Firmware Reverse Engineering[R/OL].[2015-08-11].http://s3.eurecom.fr/docs/bh13us_zaddach.pdf.
[3]	CUI A,COSTRLLO M,STOLFO S J.When Firmware Modifications Attack:A Case Study of Embedded Exploitation[C/OL].[2015-12-26].https://pdfs.semanticscholar.org/55b9/7032a03aeaca9fd3fdcb87baa789a1f968b6.pdf.
[4]	BASNIGHT Z,BUTTS J,LOPEZ J,et al.Firmware modification attacks on programmable logic controllers[J].International Journal of Critical Infrastructure Protection,2013,6(2):76-84.
[5]	赵亚新,郭玉东,舒辉.基于JTAG的嵌入式设备固件分析技术[J].计算机工程与设计,2014,35(10):3410-3415.ZHAO Y X,GUO Y D,SHU H.Analysis technology of embedded device firmware based on JTAG[J].Computer Engineering&Design,2014,35(10):3410-3415(Ch).
[6]	SHOSHITAISHVILI Y,WANG R,HAUSER C,et al.Firmalice-Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware[C/OL].[2015-11-26].https://www.lastline.com/papers/2015_ndss15_firmalice-2.pdf.
[7]	ZHU R,TAN Y,ZHANG Q,et al.Determining image base of firmware for ARM devices by matching literal pools[J].Digital Investigation,2016,16:19-28.
[8]	CHEN D D,EGELE M,WOO M,et al.Towards Automated Dynamic Analysis for Linux-based Embedded Firmware[C/OL].[2015-09-26].https://www.internetsociety.org/sites/default/files/blogs-media/towards-automated-dynamic-analysis-linux-based-embedded-firmware.pdf.
[9]	CHIPOUNOV V,CANDEA G.Reverse Engineering of Binary Device Drivers with RevNIC[DB/OL].[2015-11-25].http://llvm.org/pubs/2010-04-EUROSYS-RevNIC.pdf.
[10]	DUFLOT L,PEREZ Y A,MORIN B.Run-Time Firmware Integrity Verification:What if You Can’t Trust Your Network Card[DB/OL].[2015-12-25].https://www.ssi.gouv.fr/uploads/IMG/pdf/paper.pdf.
[11]	CUI A,STOLFO S J.Defending embedded systems with software symbiotes[C]//Recent Advances in Intrusion Detection.Berlin:Springer,2011:358-377.
[12]	BLANCO A,EISSLER M.One Firmware to Monitor’em All[R/OL].[2012-10-25].http://ekoparty.org/archive/2012/BlancoEissler_2012-paper.pdf

Full-Text

Contact Us

service@oalib.com

QQ:3279437679

WhatsApp +8615387084133