An Automated Analysis Method for Large-Scale Embedded Device Firmware

Authors
Wang M.-T. [1, 2]
Liu Z.-J. [3]
Chang Q. [1, 2]
Chen Y. [1, 2]
Shi Z.-Q. [1, 2]
Sun L.-M. [1, 2]
Affiliations
[1] Institute of Information Engineering, Chinese Academy of Sciences, Beijing
[2] School of Cyber Security, University of Chinese Academy of Sciences, Beijing
[3] National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing
Source
Year 1600 / Beijing University of Posts and Telecommunications, Volume / Issue 40
Keywords
Classification and regression tree; Embedded device firmware; Status detection;
DOI
10.13190/j.jbupt.2017.s.022
Chinese Library Classification number
Subject classification number
Abstract
An automated analysis method for large-scale embedded firmware was designed to obtain device information, such as file system type, operating system type, or CPU instruction set. However, during automated firmware analysis it was difficult to know whether the firmware had been decoded successfully. To solve this problem, a firmware decoding status detection method based on the classification and regression tree algorithm was proposed. The dataset contained 6 160 firmware samples and 1 823 disassembled binary files that were collected from firmware decoding. Experiments conducted on the dataset demonstrated that the proposed method performed well compared with other classifiers, with precision and recall both above 96%. © 2017, Editorial Department of Journal of Beijing University of Posts and Telecommunications. All rights reserved.
Pages: 98 / 102
Page count: 4
Related papers
3 items in total
  • [1] Costin A., Zaddach J., Francillon A., et al., A large-scale analysis of the security of embedded firmwares, Proceedings of the 23rd USENIX Conference on Security Symposium, pp. 95-110, (2014)
  • [2] Zaddach J., Bruno L., Francillon A., et al., Avatar: a framework to support dynamic security analysis of embedded systems' firmwares, Network and Distributed System Security Symposium, (2014)
  • [3] Rutkowski L., Jaworski M., Pietruczuk L., et al., The CART decision tree for mining data streams, Information Sciences, 266, 5, pp. 1-15, (2014)