Research on Known Vulnerability Detection Method Based on Firmware Analysis  

在线阅读下载全文

作  者:Wenjing Wang Tengteng Zhao Xiaolong Li Lei Huang Wei Zhang Hui Guo 

机构地区:[1]Beijing Institute of Control and Electronics Technology,Beijing,100038,China [2]State Key Laboratory of Networking and Switching Technology,Beijing University of Posts and Telecommunications,Beijing,100876,China

出  处:《Journal of Cyber Security》2022年第1期1-15,共15页网络安全杂志(英文)

摘  要:At present,the network security situation is becoming more and more serious.Malicious network attacks such as computer viruses,Trojans and hacker attacks are becoming more and more rampant.National and group network attacks such as network information war and network terrorism have a serious damage to the production and life of the whole society.At the same time,with the rapid development of Internet of Things and the arrival of 5G era,IoT devices as an important part of industrial Internet system,have become an important target of infiltration attacks by hostile forces.This paper describes the challenges facing firmware vulnerability detection at this stage,and introduces four automatic detection and utilization technologies in detail:based on patch comparison,based on control flow,based on data flow and ROP attack against buffer vulnerabilities.On the basis of clarifying its core idea,main steps and experimental results,the limitations of its method are proposed.Finally,combined with four automatic detection methods,this paper summarizes the known vulnerability detection steps based on firmware analysis,and looks forward to the follow-up work.

关 键 词:IoT devices vulnerability mining automatic detection static analysis 

分 类 号:TP3[自动化与计算机技术—计算机科学与技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象