Computer Science ›› 2024, Vol. 51 ›› Issue (10): 196-207. doi: 10.11896/jsjkx.230700068

• Computer Software •

Keyword Sensitive Fuzzing Method for Embedded Device Firmware

SI Jianpeng, HONG Zheng, ZHOU Zhenji, CHEN Qian, LI Tao   

  1. College of Command and Control Engineering, Army Engineering University of PLA, Nanjing 210007, China
  • Received: 2023-07-10 Revised: 2023-09-30 Online: 2024-10-15 Published: 2024-10-11
  • About author: SI Jianpeng, born in 1996, postgraduate. His main research interest is cyber security.
    HONG Zheng, born in 1979, Ph.D, associate professor. His main research interest is cyber security.
  • Supported by:
    Key Technologies and Systems for Comprehensive Prevention and Control of Cybersecurity in Smart Cities (2019YFB2101704).

Abstract: The firmware of most embedded devices provides a Web interface, which is convenient for users to configure and manage the devices. However, security problems in these Web interfaces usually bring challenges to the security of embedded devices, and the existing vulnerability detection methods for Web interfaces in embedded device firmware have high false positive rates. This paper proposes a keyword-sensitive embedded device fuzzing method, KS-Fuzz (keyword sensitive fuzzing), which efficiently performs fuzzing of the processing logic of the Web interface in embedded device firmware. The proposed method generates high-quality test cases through association analysis of front-end and back-end files, and records the references of keywords in the target device's back-end files to front-end files during the fuzzing process, in order to guide the direction of test case mutation and improve fuzzing coverage. We use KS-Fuzz to test embedded devices of major brands to evaluate its fuzzing ability, and compare KS-Fuzz with existing vulnerability mining methods such as SaTC, IOTScope, and FirmFuzz. The results show that, by analyzing the correlation between front-end and back-end files, KS-Fuzz can quickly traverse the functional interfaces of the target devices and discover vulnerabilities effectively.

Key words: Embedded devices, Fuzzy testing, Grey box test, Correlation analysis, Keyword sensitive

CLC Number: TP309.1