Open Access

ARTICLE

Research on Known Vulnerability Detection Method Based on Firmware Analysis

Wenjing Wang¹, Tengteng Zhao¹, Xiaolong Li^1,*, Lei Huang¹, Wei Zhang¹, Hui Guo²

1 Beijing Institute of Control and Electronics Technology, Beijing, 100038, China
2 State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, 100876, China

* Corresponding Author: Xiaolong Li. Email:

Journal of Cyber Security 2022, 4(1), 1-15. https://doi.org/10.32604/jcs.2022.026816

Received 03 March 2022; Accepted 07 April 2022; Issue published 05 May 2022

Abstract

At present, the network security situation is becoming more and more serious. Malicious network attacks such as computer viruses, Trojans and hacker attacks are becoming more and more rampant. National and group network attacks such as network information war and network terrorism have a serious damage to the production and life of the whole society. At the same time, with the rapid development of Internet of Things and the arrival of 5G era, IoT devices as an important part of industrial Internet system, have become an important target of infiltration attacks by hostile forces. This paper describes the challenges facing firmware vulnerability detection at this stage, and introduces four automatic detection and utilization technologies in detail: based on patch comparison, based on control flow, based on data flow and ROP attack against buffer vulnerabilities. On the basis of clarifying its core idea, main steps and experimental results, the limitations of its method are proposed. Finally, combined with four automatic detection methods, this paper summarizes the known vulnerability detection steps based on firmware analysis, and looks forward to the follow-up work.

---

Keywords

---