Firmware emulation techniques for dynamic analysis of embedded devices임베디드 시스템 동적 분석을 위한 펌웨어 에뮬레이션 기술

Cited 0 time in webofscience Cited 0 time in scopus
  • Hit : 730
  • Download : 0
As the number of embedded devices has grown, the interest on their potential vulnerability has also increased. The recent Mirai botnet case showed that insecure embedded devices were used to melt down US East Coast, by a denial of service attack on Dyn. To mitigate future generation of botnets such as Mirai, the vulnerable embedded devices should be identified. For this, researchers have been focusing on large scale dynamic analysis rather than time-consuming manual analysis. Because it is hard to physically acquire the real devices, researchers have been studying on emulating the device firmwares. However, emulating such large number of embedded devices is challenging due to the inconsistencies of the execution environment. The Firmadyne framework tried to address the emulation challenges, but their success rate, 24%, is insufficient to deter the upcoming IoT attacks. To boost up the emulation success rate, we utilized Firmadyne as a basis and further extended emulation techniques. We, especially, focused on emulating a web service on wireless home routers, which is considered to be the most vulnerable and critical to our daily lives if vulnerable. With cause analysis on the emulation failure, we identified multiple previously uncovered problems and addressed them. By applying our techniques, we successfully emulated 399 (82%) of firmwares from the global top 5 router vendors, including the web servers. To verify the effectiveness of our work, we also performed dynamic analysis to find vulnerabilities on the emulated web servers. As a result, we discovered 22 types of 247 vulnerabilities on 125 firmwares, where 155 of them were previously unknown. For more verification, we also tested on network-enabled IP cameras. We successfully emulated 46 firmwares (88%) and found 42 vulnerabilities with a dynamic analysis.
Advisors
Kim, Yongdaeresearcher김용대researcher
Description
한국과학기술원 :정보보호대학원,
Publisher
한국과학기술원
Issue Date
2017
Identifier
325007
Language
eng
Description

학위논문(석사) - 한국과학기술원 : 정보보호대학원, 2017.2,[iv, 27 p. :]

Keywords

Embedded system; IoT security; emulation; firmware; dynamic analysis; 임베디드 시스템; 사물인터넷기기 보안; 에뮬레이션; 펌웨어; 동적 분석

URI
http://hdl.handle.net/10203/243502
Link
http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=675494&flag=dissertation
Appears in Collection
IS-Theses_Master(석사논문)
Files in This Item
There are no files associated with this item.

qr_code

  • mendeley

    citeulike


rss_1.0 rss_2.0 atom_1.0