An Experimental Study of Four Methods for Homology Analysis of Firmware Vulnerability
Title | An Experimental Study of Four Methods for Homology Analysis of Firmware Vulnerability |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Ran, L., Lu, L., Lin, H., Han, M., Zhao, D., Xiang, J., Yu, H., Ma, X. |
Conference Name | 2017 International Conference on Dependable Systems and Their Applications (DSA) |
Date Published | October |
Keywords | Binary difference analysis, code reuse, compositionality, development kits, embedded device, feature extraction, file organisation, File systems, firmware, firmware vulnerability, fuzz hash, fuzzy set theory, homology analysis, Human Behavior, Internet of Things, Libraries, Metrics, Microprogramming, normalized compression distance, power grid vulnerability analysis, pubcrawl, public domain software, Resiliency, security, string feature matching, string matching, third-party libraries, Tools, vulnerabilities, vulnerability detection |
Abstract | In the production of embedded devices, the frequent reuse of third-party libraries or development kits means that the same vulnerabilities appear in a large number of firmware images. Homology analysis is commonly used to detect vulnerabilities of this kind, which are caused by code reuse or third-party reuse; the widely used methods are binary difference analysis, normalized compression distance, string feature matching and fuzz hash. When we used these methods for homology analysis, however, we found that the detection results were not ideal and that the false positive rate was high. Focusing on this problem, we analyzed the application scenarios and limitations of these four methods by combining different methods with different types of files, and the experiments show that such combinations of methods and files perform better in homology analysis. |
URL | https://ieeexplore.ieee.org/document/8269600/ |
DOI | 10.1109/DSA.2017.16 |
Citation Key | ran_experimental_2017 |