Abstract
Although Internet of Things (IoT) devices have made our lives increasingly convenient, there have been many reports of vulnerabilities, such as information leakage and use of these devices as springboards for attacks. To detect vulnerabilities in IoT devices, many vulnerability detection methods using firmware analysis have been proposed by many researches. The general flow of vulnerability detection is to load firmware into an analysis program called an SRE (software reverse engineering) tool and then apply the original algorithm of each program under study to find vulnerabilities. However, firmware analysis requires complex analysis preparation before applying proprietary algorithms, and the development cost of analysis preparation is burdensome for researchers. In this study, we surveyed research on firmware vulnerability detection. We chose ten studies on vulnerability detection. The results of our survey showed that the commonly used functions for firmware analysis are firmware splitting, static strings, graphs, and network functions. Also despite the fact that many studies use similar functions, all of them were developed by each study. According to the survey result, we propose a middleware that standardizes analysis preparation. By using our middleware, researchers do not need to develop a basic function of finding vulnerability. This ability will reduce the development cost of preparing for analysis and allow researchers to spend more time developing vulnerability detection algorithms, which is this project’s original purpose.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
CyberNews. Walmart-exclusive router and others sold on Amazon & eBay contain hidden backdoors to control devices, 2020. https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/.
- 2.
Undocumented user account in Zyxel products (CVE-2020-29583)—EYE, 2021. https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html.
- 3.
Common Weakness Enumeration (CWE™)-https://cwe.mitre.org/.
- 4.
OWASP. Owasp-iot-top-10-2018, 2018. https://owasp.org/www-pdf-archive/OWASP-IoT-Top-10-2018-final.pdf.
- 5.
Binwalk, https://github.com/ReFirmLabs/binwalk.
References
Y. Shoshitaishvili, R. Wang, C. Hauser, C. Kruegel, G. Vigna, Firmalice: automatic detection of authentication bypass vulnerabilities in binary firmware, in The 2015 Network and Distributed System Security (USA, 2015)
L. Cojocar, J. Zaddach, R. Verdult, B. Herbert, A. Francillon, D. Balzarotti, PIE: parser identification in embedded systems, in Annual Computer Security Applications Conference (USA, 2015)
D.D. Chen, M. Egele, M. Woo, D. Brumley, Towards automated dynamic analysis for linux-based embedded firmware, in The 2016 Network and Distributed System Security (USA, 2016)
S.L. Thomas, T. Chothia, F.D. Garcia, Stringer: measuring the importance of static data comparisons to detect backdoors and undocumented functionality, in The European Symposium on Research in Computer Security (Norway. 2017)
S.L. Thomas, T. Chothia, F.D. Garcia, HumIDIFy: a tool for hidden functionality detection in firmware, in The Network and Distributed System Security Symposium (USA, 2017)
K. Cheng, Q. Li, Q. Wang, Q. Chen, Y. Zheng, L. Sun, Z. Liang, DTaint: detecting the taint-style vulnerability in embedded device firmware, in: 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (Luxembourg, 2018)
D. Yaniv, N. PartushEran, Y. Yahav, FirmUp: precise static detection of common vulnerabilities in firmware, in The Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems (USA, 2018)
P. Srivastava, H. Peng, J. Li, H. Okhravi, H. Shrobe, M. Payer, FirmFuzz: automated IoT firmware introspection and analysis, in The Internet of Things Security and Privacy (United Kingdom, 2019)
T.S. John, T. Thomas, S. Emmanuel, Graph convolutional networks for android malware detection with system call graphs, in Third ISEA ASIA Security and Privacy (India, 2020)
N. Redini, A. Machiry, R. Wang, C. Spensky, A.C. Continella, Y. Shoshitaishvili, C. Kruegel, G. Vigna, KARONTE: detecting insecure multi-binary interactions in embedded firmware, in 41st IEEE Symposium on Security and Privacy, Virtual (2020)
M. Yoda, S. Sakuraba, Y. Sei, Y. Tahara, A. Ohsuga, Detection of the hardcoded login information from socket and string compare symbols, in Annals of Emerging Technologies in Computing (2021)
M. Yoda, S. Sakuraba, Y. Sei, Y. Tahara, A. Ohsuga, Detection of the hardcoded login information from socket symbols, in International Conference on Computing, Electronics & Communications Engineering, Virtual (2020)
M. Yoda, S. Sakuraba, Y. Sei, Y. Tahara, A. Ohsuga, Detecting hardcoded login information from user input, in The 40th IEEE International Conference on Consumer Electronics, Virtual (2022)
S. Suzuki, H. Aman, M. Kuwahara, A decision tree-based model for judging the compatibility between java method’s name and implementation and its evaluation, in FOSE (Japan, 2017)
Acknowledgements
This work was supported by JSPS KAKENHI (Grant Numbers JP18H03229, JP18H03340, 18K19835, JP19H04113, JP19K12107, and JP21H03496).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Yoda, M., Sakuraba, S., Sei, Y., Tahara, Y., Ohsuga, A. (2023). Proposal of a Middleware to Support Development of IoT Firmware Analysis Tools. In: Virvou, M., Saruwatari, T., Jain, L.C. (eds) Knowledge-Based Software Engineering: 2022. JCKBSE 2022. Learning and Analytics in Intelligent Systems, vol 30. Springer, Cham. https://doi.org/10.1007/978-3-031-17583-1_1
Download citation
DOI: https://doi.org/10.1007/978-3-031-17583-1_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-17582-4
Online ISBN: 978-3-031-17583-1
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)