Abstract
With the rapid development of electronic and information technology, IoT devices have become widely used in various fields. Increasing attention has been paid to the performance and security analysis of IoT devices. Dynamic instrumentation is a common process in software analysis for acquiring runtime information. However, due to the limited software and hardware resources in IoT devices, most dynamic instrumentation tools do not support IoT devices. In this paper, we provide an analysis tool, IoTDIT, to solve the current problem of runtime detection in IoT devices. IoTDIT uses static analysis and ptrace system calls to obtain dynamic firmware information, which can aid in firmware performance analysis and security detection. We perform experiments to verify the performance and effectiveness of the proposed instrumentation tool.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Nordrum, A.: The internet of fewer things [news]. IEEE Spectr. 53(10), 12–13 (2016)
Rawat, S., Jain, V., Kumar, A, Bos, H.: VUzzer: application-aware evolutionary fuzzing. In: Network and Distributed System Security Symposium, San Diego, CA, USA (2017)
Kargén, U., Shahmehri, N.: Turning programs against each other: high coverage fuzz-testing using binary-code mutation and dynamic slicing. In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, pp. 782–792 (2015)
Babić, D., Martignoni, L., McCamant, S., Song, D.: Statically-directed dynamic automated test generation. In: Proceedings of the 2011 International Symposium on Software Testing and Analysis, Toronto, ON, Canada, 17–21 July 2011, pp. 12–22 (2011)
Rebert, A., Cha, S.K., Avgerinos, T., Foote, J., Warren, D., Grieco, G. Brumley, D.: Optimizing seed selection for fuzzing. In: USENIX Security, San Diego, CA, USA, pp. 861–875 (2014)
Pak, B.S.: Hybrid fuzz testing: discovering software bugs via fuzzing and symbolic execution. Master’s thesis, Carnegie Mellon University (2012)
Godefroid, P., Klarlund, N., Sen, K.: Dart: directed automated random testing. SIGPLAN Not. 40(6), 213–223 (2005)
Avgerinos, T., Rebert, A., Cha, S.K., Brumley, D.: Enhancing symbolic execution with veritesting. In: Proceedings of the 36th International Conference on Software Engineering, Hyderabad, India, pp. 1083–1094 (2014)
Höschele, M., Zeller, A.: Mining input grammars from dynamic taints. In: Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering, Singapore, pp. 720–725 (2016)
Cha, S.K., Woo, M., Brumley, D.: Program-adaptive mutational fuzzing. In: 2015 IEEE Symposium on Security and Privacy, San Jose, CA, USA, pp. 725–741 (2015)
Cha, S.K., Avgerinos, T., Rebert, A., Brumley, D.: Unleashing MAYHEM on binary code. In: 2012 IEEE Symposium on Security and Privacy, San Francisco, California, USA, pp. 380–394 (2012)
Chen, J., Diao, W., Zhao, Q., et al.: IoTFuzzer: discovering memory corruptions in IoT through app-based fuzzing. In: NDSS, San Diego, California, USA (2018)
Nanda, S., Li, W., Lam, L.C., Chiueh, T.C.: Bird: binary interpretation using runtime disassembly. In: CGO, New York, NY, USA, pp. 358–370 (2006)
Eustace, A., Eustace, A.: Atom: a system for building customized program analysis tools. In: PLDI, pp. 196–205 (1994)
Pani, P.: Measuring code coverage on an embedded target with highly limited resources. Master’s thesis, Graz University of Technology (2014)
Laurenzano, M.A., Tikir, M.M., Carrington, L., Snavely, A.: Pebil: efficient static binary instrumentation for Linux. In: ISPASS, White Plains, NY, USA, pp. 175–183 (2010)
Luk, C.K., Cohn, R., Muth, R., Patil, H., Klauser, A., Lowney, G., Wallace, S., Reddi, V.J., Hazelwood, K.: Pin: building customized program analysis tools with dynamic instrumentation. ACM SIGPLAN Not. 40, 190–200 (2005)
Nethercote, N., Seward, J.: Valgrind: a framework for heavyweight dynamic binary instrumentation. ACM SIGPLAN Not. 42, 89–100 (2007)
Bruening, D.: DynamoRIO: Dynamic Instrumentation Tool Platform. http://www.dynamorio.org/
Muench, M., Stijohann, J., Kargl, F., Francillon, A., Balzarotti, D.: What you corrupt is not what you crash: challenges in fuzzing embedded devices. In: NDSS, San Diego, CA, USA (2018)
Zhao, Q., Koh, D., Raza, S., Bruening, D., Wong, W., Amarasinghe, S.: Dynamic cache contention detection in multi-threaded applications. ACM SIGPLAN Not. 46(7), 27–38 (2011)
Nagy, S., Hicks, M.: Full-speed fuzzing: reducing fuzzing overhead through coverage-guided tracing. In: IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, pp. 787–802 (2019)
She, D., Pei, K., Epstein, D., et al.: NEUZZ: efficient fuzzing with neural program smoothing. In: IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, pp. 803–817 (2019)
Srivastava, P., Peng, H., Li, J., et al.: FirmFuzz: automated IoT firmware introspection and analysis. In: Proceedings of the 2nd International ACM Workshop on Security and Privacy for the Internet-of-Things, London, UK, pp. 15–21 (2019)
Gan, S., Zhang, C., Qin, X., et al.: Collafl: path sensitive fuzzing. In: IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, pp. 679–696 (2018)
Capstone. http://www.capstone-engine.org
Srivastava, A., Edwards, A., Vo, H.: Vulcan: binary transformation in a distributed environment. Technical report, MSR-TR-2001-50, Microsoft Research (2001)
Cantrill, B., Shapiro, M.W., Leventhal, A.H.: Dynamic instrumentation of production systems. In: USENIX Annual Technical Conference, Boston Marriott Copley Place, Boston, MA, USA, pp. 15–28 (2004)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Chen, C., Qi, W., Jiang, W., Sun, P. (2021). A Dynamic Instrumentation Technology for IoT Devices. In: Barolli, L., Poniszewska-Maranda, A., Park, H. (eds) Innovative Mobile and Internet Services in Ubiquitous Computing . IMIS 2020. Advances in Intelligent Systems and Computing, vol 1195. Springer, Cham. https://doi.org/10.1007/978-3-030-50399-4_29
Download citation
DOI: https://doi.org/10.1007/978-3-030-50399-4_29
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-50398-7
Online ISBN: 978-3-030-50399-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)