Abstract
Open source components are widely used in IoT firmwares. Components of different versions have various vulnerabilities. For example, CVE-2020-8597 only affects specific version of pppd. Therefore, extracting the version of a component is of significance for discovering known vulnerabilities of devices. However, due to cross-architecture issue, extracting the versions of components from IoT firmwares in large scale is very challenging. To the best of our knowledge, there is no effective approach to extract component versions from large scale IoT firmwares. In this paper, we propose and implement an IR-based component Version Extracting and Recovering system for IoT firmwares, called VES. VES translates assembly codes into intermediate representation called VEX, and recovers the version string of a component by analyzing the data-flow of arguments of version-printing function. We implement VES and evaluate it on a large-scale dataset with 13,189 IoT firmwares of different architectures. VES can successfully extract the version information of 42,034 components with extraction rate of 96.48% and accuracy rate of 97.02%, which is 14.76% higher than the existing method.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
dlink firmwares website. http://files.dlink.com.au/Products/
Bellard, F.: QEMU, a fast and portable dynamic translator. In: 2005 Proceedings of the Annual Conference on USENIX Annual Technical Conference (2005)
Ding, S.H.H., Fung, B.C.M., Charland, P.: Asm2Vec: boosting static representation robustness for binary clone search against code obfuscation and compiler optimization. In: 2019 IEEE Symposium on Security and Privacy (SP) (2019)
Durumeric, Z., et al.: The matter of heartbleed. In: Proceedings of the 2014 Conference on Internet Measurement Conference, pp. 475–488 (2014)
Feng, Q., Zhou, R., Xu, C., Cheng, Y., Testa, B., Yin, H.: Scalable graph-based bug search for firmware images. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 480–491 (2016)
Gao, J., Yang, X., Fu, Y., Jiang, Y., Sun, J.: VulSeeker: a semantic learning based vulnerability. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering - ASE 2018, Montpellier, France, 03–09 September 2018. ACM Press (2018)
Hu, Y., Zhang, Y., Li, J., Gu, D.: Binary code clone detection across architectures and compiling configurations. In: 2017 IEEE/ACM 25th International Conference on Program Comprehension (ICPC), pp. 88–98. IEEE (2017)
Nethercote, N., Seward, J.: Valgrind: a framework for heavyweight dynamic binary instrumentation. ACM Sigplan Not. 42(6), 89–100 (2007)
Heartbleed OpenSSL bug CVE-2014-0160. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
Sarabi, A., Liu, M.: Characterizing the internet host population using deep learning: a universal and lightweight numerical embedding. In: 2018 Proceedings of the Internet Measurement Conference, pp. 133–146 (2018)
Xu, X., Liu, C., Feng, Q., Yin, H., Song, L., Song, D.: Neural network-based graph embedding for cross-platform binary code similarity detection. CoRR abs/1708.06525 (2017). http://arxiv.org/abs/1708.06525
Acknowledgements
This work is supported by the National Key R&D Program of China (Grant No.2018YFB0803402), the National Natural Science Foundation of China (Grant 61702503, Grant U1766215 and Grant 61802016, the Interdisciplinary Research Project for Young Teachers of USTB (Fundamental Research Funds for the Central Universities) under Grant FRF-IDRY-19-016, the National Social Science Foundation of China under Grant 17ZDA331.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Hu, X. et al. (2020). VES: A Component Version Extracting System for Large-Scale IoT Firmwares. In: Yu, D., Dressler, F., Yu, J. (eds) Wireless Algorithms, Systems, and Applications. WASA 2020. Lecture Notes in Computer Science(), vol 12385. Springer, Cham. https://doi.org/10.1007/978-3-030-59019-2_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-59019-2_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-59018-5
Online ISBN: 978-3-030-59019-2
eBook Packages: Computer ScienceComputer Science (R0)