PIE: Parser Identification in Embedded Systems

Authors: Lucian Cojocar, Jonas Zaddach, Roel Verdult, Herbert Bos, Aurélien Francillon

DOI: 10.1145/2818000.2818035

Keywords:

Abstract: Embedded systems are responsible for the security and safety of modern societies, controlling the correct operation of cars and airplanes, satellites and medical equipment, military units and all critical infrastructures. Being integrated in large and complex environments, embedded systems need to support several communication protocols to interact with other devices or with their users. Interestingly, embedded software often implements protocols that deviate from their original specifications. Some are extended with additional features, while others are completely undocumented. Furthermore, embedded parsers often consist of complex C code which is optimized to improve performance and reduce size. However, this code is rarely designed with security in mind, and often lacks proper input validation, making those devices vulnerable to memory corruption attacks. Moreover, most embedded designs are closed source, and third party security evaluations are only possible by looking at the binary firmware. In this paper we propose a methodology to identify parsers and complex processing logic present in binary code without access to documentation or source code. Specifically, we establish and evaluate a heuristic for detecting this type of code by means of static analysis. Afterwards we demonstrate the utility of this heuristic to identify firmware components treating input, perform reverse engineering to extract protocols, and discover and analyze bugs on four widely used devices: a GPS receiver, a power meter, a hard disk drive (HDD) and a Programmable Logic Controller (PLC).
