HMFuzzer: A Human-Machine Collaboration-Based Firmware Vulnerability Mining Scheme for IoT Devices

Cited by: 4


Authors: 况博裕 KUANG Bo-Yu; 张兆博 ZHANG Zhao-Bo; 杨善权 YANG Shan-Quan; 苏铓 SU Mang [2]; 付安民 FU An-Min [1,2] (School of Cyber Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094; School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094)

Affiliations: [1] School of Cyber Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094; [2] School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094

Source: Chinese Journal of Computers (《计算机学报》), 2024, No. 3, pp. 703-716 (14 pages)

Funding: National Natural Science Foundation of China (62072239, 62372236); Natural Science Foundation of Jiangsu Province (BK20211192); Future Network Scientific Research Fund Project (FNSRFP-2021-ZD-05); Fundamental Research Funds for the Central Universities (30921013111); Qing Lan Project of Jiangsu Province; Jiangsu Province Outstanding Postdoctoral Program

Abstract: Fuzzing is a mainstream method for mining vulnerabilities in IoT device firmware; it can discover security threats one step ahead of attackers and thereby improve the security of IoT devices. However, most current fuzzing techniques focus on how to automate vulnerability mining and ignore the advantage that expert experience brings to firmware vulnerability mining. This paper proposes HMFuzzer, a human-machine collaboration-based vulnerability mining scheme for IoT device firmware. It designs a method for extracting key firmware information based on the interaction between the firmware's front end and back end: by simulating the three-party interaction among the device firmware, the device management interface and the user, it obtains the firmware's potential key information, and then resolves the firmware's key functions through binary file location and function analysis techniques. In addition, HMFuzzer introduces expert experience into the preprocessing, testing and result-analysis stages of fuzzing; using the key information obtained in the previous stage together with a reinforcement learning algorithm, it optimizes seed mutation and the fuzzing workflow, significantly improving fuzzing coverage, efficiency and vulnerability-discovery capability. Experimental results show that, compared with existing firmware vulnerability mining methods, HMFuzzer raises the vulnerability identification success rate by more than 10% and has stronger vulnerability detection capability. In particular, in tests on IoT devices from real vendors, HMFuzzer found multiple 0-day vulnerabilities, of which four have been assigned CVE/CNVD high-severity IDs.

The popularity of infrastructure such as 5G has greatly facilitated the development of the Internet of Things (IoT), which has become an integral part of our lives. However, with the widespread adoption of IoT technologies in many areas, the security risks of its architecture have also increased and the attack surface for IoT is becoming more diverse. In recent years, malicious attacks and security incidents related to the IoT have been frequent, and they are often caused by exploitable security vulnerabilities in IoT devices. In this context, fuzzing has become the mainstream approach for IoT device firmware vulnerability mining, which can improve the security of IoT devices by detecting security threats ahead of attackers. However, most of the existing research works on IoT device firmware vulnerability mining have overly focused on automated vulnerability mining. Although automated vulnerability mining reduces the labor cost, it limits the flexibility and scalability of the solutions and ignores the benefits of expert experience. Expert experience can greatly enhance the compatibility of automated fuzzers, improve the efficiency of test seed evolution, and also help automated tools to discern anomalous program states that are difficult to resolve, which in turn improves the ability of vulnerability mining. Therefore, in order to effectively combine expert experience and automated vulnerability mining and improve the efficiency of IoT device firmware vulnerability mining, this paper proposes a human-machine collaborative firmware vulnerability mining scheme for IoT devices, named HMFuzzer. HMFuzzer obtains the target device firmware information through various methods and designs a device firmware key information extraction method based on the interaction between the front and back ends of the device firmware. The method simulates the three-party interaction mode among the device firmware, the management interface, and the user, which can effectively obtain the target device's potential firmware key information. Besides, HMFuzzer obtai

Keywords: Internet of Things; vulnerability mining; fuzzing; human-machine collaboration; device firmware; reinforcement learning

Classification: TP309 [Automation and Computer Technology: Computer System Architecture]
