Computer Science ›› 2024, Vol. 51 ›› Issue (11): 347-355. doi: 10.11896/jsjkx.230700091

• Information Security •

Dynamic Instrumentation Method for Embedded Physical Devices

SI Jianpeng, HONG Zheng, ZHOU Zhenji, CHEN Qian, LI Tao   

  1. College of Command and Control Engineering, Army Engineering University of PLA, Nanjing 210007, China
  • Received: 2023-07-13  Revised: 2023-11-13  Online: 2024-11-15  Published: 2024-11-06
  • About author: SI Jianpeng, born in 1996, postgraduate. His main research interests include cyber security and program analysis.
    HONG Zheng, born in 1979, Ph.D, associate professor. His main research interests include cyber security and software reverse engineering.
  • Supported by: Key Technologies and Systems for Comprehensive Prevention and Control of Cybersecurity in Smart Cities (2019YFB2101704).

Abstract: Most existing dynamic instrumentation methods target the x86/x64 instruction set and are poorly compatible with the reduced instruction set (RISC) architectures commonly used in embedded devices; when applied to embedded devices they suffer from low instrumentation efficiency and high resource consumption. This paper proposes a dynamic instrumentation method for embedded physical devices (DIEB). DIEB uses control transfer instructions as probes to dynamically instrument the binary of a target process on the embedded device. It proposes a lightweight method for interpreting instruction execution and sets up an instruction execution area according to the operating environment; DIEB interprets instructions in this simulated execution area to obtain their execution results. While the target process runs, DIEB interprets and executes its control transfer instructions to obtain their destination addresses and thereby tracks the execution flow of the target process, so that dynamic instrumentation can be performed efficiently on resource-constrained embedded devices. Taking the ARM instruction set as the verification object, experiments are carried out on physical devices such as the NetGear R7000. Experimental results show that the DIEB instrumentation process runs normally and that the time delay introduced by instrumentation is much smaller than that of ptrace-based instrumentation. In addition, DIEB runs stably in a multi-threaded environment and accurately records the execution flow traces of concurrent threads.
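The mechanism the abstract describes, resolving the destination of each control transfer instruction instead of single-stepping the whole process under ptrace, can be illustrated with a small A32 (ARM) branch interpreter. The C code below is an added example written for this page, not the authors' DIEB implementation: it decodes B, BL, BLX <imm> and BX, evaluates the condition field against the flags, and walks a constructed instruction buffer (the encodings are hand-assembled for the example, not taken from any firmware), recording the resolved target of every taken transfer. The `cpu_state` layout, the `0x10000` base address and the register values are assumptions of the example. Non-branch instructions are stepped over rather than executed, which is the point of using control transfers as the only probes; Thumb decoding is left out, so the walk stops at the first switch to Thumb state.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Minimal A32 CPU state assumed by this example: r0-r15 and the CPSR (N,Z,C,V in bits 31..28). */
typedef struct { uint32_t r[16]; uint32_t cpsr; } cpu_state;

enum { KIND_NONE, KIND_B, KIND_BL, KIND_BLX_IMM, KIND_BX };

typedef struct {
    int      kind;
    uint32_t target;    /* resolved destination address (bit 0 cleared) */
    bool     taken;     /* condition field evaluated against cpsr */
    bool     to_thumb;  /* destination executes in Thumb state */
} branch_info;

/* Evaluate an A32 condition field against N, Z, C, V. */
static bool cond_passed(uint32_t cond, uint32_t cpsr)
{
    bool n = (cpsr >> 31) & 1, z = (cpsr >> 30) & 1, c = (cpsr >> 29) & 1, v = (cpsr >> 28) & 1;
    bool r;
    switch (cond >> 1) {
    case 0: r = z; break;              /* EQ / NE */
    case 1: r = c; break;              /* CS / CC */
    case 2: r = n; break;              /* MI / PL */
    case 3: r = v; break;              /* VS / VC */
    case 4: r = c && !z; break;        /* HI / LS */
    case 5: r = (n == v); break;       /* GE / LT */
    case 6: r = !z && (n == v); break; /* GT / LE */
    default: return true;              /* AL */
    }
    return (cond & 1) ? !r : r;
}

/* SignExtend(imm24:'00'), the word offset used by B, BL and BLX <imm>. */
static int32_t imm24_offset(uint32_t insn)
{
    int32_t imm = (int32_t)(insn & 0x00FFFFFFu);
    if (imm & 0x00800000) imm -= 0x01000000;   /* sign-extend the 24-bit field */
    return imm * 4;
}

/* Interpret one A32 control transfer at address pc. Returns false for anything
   that is not B / BL / BLX <imm> / BX, i.e. for instructions that are not probes. */
bool decode_branch(uint32_t pc, uint32_t insn, const cpu_state *st, branch_info *out)
{
    uint32_t cond = insn >> 28;
    uint32_t pc_read = pc + 8;   /* in A32 the PC reads as the current instruction + 8 */
    out->kind = KIND_NONE; out->target = pc + 4; out->taken = false; out->to_thumb = false;

    if (((insn >> 25) & 0x7) == 0x5) {
        if (cond == 0xF) {   /* BLX <imm>: offset imm24:H:'0' from Align(PC,4); always switches to Thumb */
            out->kind = KIND_BLX_IMM;
            out->target = (pc_read & ~3u) + (uint32_t)(imm24_offset(insn) + (int32_t)(((insn >> 24) & 1) << 1));
            out->taken = true; out->to_thumb = true;
        } else {             /* B / BL <imm>: bit 24 selects BL */
            out->kind = (insn & (1u << 24)) ? KIND_BL : KIND_B;
            out->target = pc_read + (uint32_t)imm24_offset(insn);
            out->taken = cond_passed(cond, st->cpsr);
        }
        return true;
    }
    if ((insn & 0x0FFFFFF0u) == 0x012FFF10u) {   /* BX <Rm>: target from register, bit 0 selects Thumb */
        uint32_t rm = st->r[insn & 0xF];
        out->kind = KIND_BX;
        out->target = rm & ~1u;
        out->to_thumb = rm & 1;
        out->taken = cond_passed(cond, st->cpsr);
        return true;
    }
    return false;
}

/* Constructed A32 code at 0x10000, hand-assembled for this example (not real firmware). */
#define CODE_BASE 0x10000u
static const uint32_t code[] = {
    0xE1A01000u,  /* 0x10000: mov r1, r0   (not a probe: stepped over)      */
    0x0A000003u,  /* 0x10004: beq 0x10018  (conditional forward branch)     */
    0xEB000004u,  /* 0x10008: bl  0x10020  (call; writes lr = 0x1000C)      */
    0xE12FFF12u,  /* 0x1000C: bx  r2       (indirect; r2 selects the state) */
    0xE320F000u,  /* 0x10010: nop                                           */
    0xE320F000u,  /* 0x10014: nop                                           */
    0xEAFFFFFBu,  /* 0x10018: b   0x1000C  (backward branch, negative imm24)*/
    0xE320F000u,  /* 0x1001C: nop                                           */
    0xE12FFF1Eu,  /* 0x10020: bx  lr       (return)                         */
};

/* Walk from entry, interpreting only control transfers and stepping over everything
   else. Records the target of each taken transfer, updates lr on calls, and stops when
   pc leaves the buffer, on a switch to Thumb (not decoded here) or after 64 steps. */
size_t trace_flow(uint32_t entry, cpu_state *st, uint32_t *trace, size_t max, bool *ended_in_thumb)
{
    size_t n = 0, steps = 0;
    uint32_t pc = entry;
    *ended_in_thumb = false;
    while (pc >= CODE_BASE && pc < CODE_BASE + sizeof code && steps++ < 64) {
        uint32_t insn = code[(pc - CODE_BASE) / 4];
        branch_info bi;
        if (!decode_branch(pc, insn, st, &bi) || !bi.taken) { pc += 4; continue; }
        if (bi.kind == KIND_BL || bi.kind == KIND_BLX_IMM) st->r[14] = pc + 4;  /* link register */
        if (n < max) trace[n++] = bi.target;
        pc = bi.target;
        if (bi.to_thumb) { *ended_in_thumb = true; break; }
    }
    st->r[15] = pc;
    return n;
}

int main(void)
{
    cpu_state st = {0};
    st.r[2] = 0x20001u;   /* bx r2 leaves the buffer in Thumb state (bit 0 set) */
    uint32_t tr[8]; bool thumb;
    size_t n = trace_flow(CODE_BASE, &st, tr, 8, &thumb);
    for (size_t i = 0; i < n; i++) printf("transfer -> 0x%08X\n", tr[i]);
    printf("stopped at 0x%08X%s\n", st.r[15], thumb ? " (Thumb)" : "");
    return 0;
}
```

Run with Z clear the walk records 0x10020, 0x1000C, 0x20000; with Z set (cpsr = 0x40000000) the conditional branch is taken and the walk records 0x10018, 0x1000C, 0x20000. A real engine would let the stepped-over instructions run natively on the device and only interpret the probes, which is where the latency advantage over ptrace single-stepping comes from.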

Key words: Dynamic binary instrumentation, Instruction interpretation and execution, Embedded devices, Grey-box testing, Program execution state feedback

CLC Number: TP313