Skip to main content
SpringerLink
Log in
Book cover

International Conference on Wireless Algorithms, Systems, and Applications

WASA 2020: Wireless Algorithms, Systems, and Applications pp 39–48Cite as

VES: A Component Version Extracting System for Large-Scale IoT Firmwares

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 12385))

Abstract

Open source components are widely used in IoT firmwares. Components of different versions have various vulnerabilities. For example, CVE-2020-8597 only affects specific version of pppd. Therefore, extracting the version of a component is of significance for discovering known vulnerabilities of devices. However, due to cross-architecture issue, extracting the versions of components from IoT firmwares in large scale is very challenging. To the best of our knowledge, there is no effective approach to extract component versions from large scale IoT firmwares. In this paper, we propose and implement an IR-based component Version Extracting and Recovering system for IoT firmwares, called VES. VES translates assembly codes into intermediate representation called VEX, and recovers the version string of a component by analyzing the data-flow of arguments of version-printing function. We implement VES and evaluate it on a large-scale dataset with 13,189 IoT firmwares of different architectures. VES can successfully extract the version information of 42,034 components with extraction rate of 96.48% and accuracy rate of 97.02%, which is 14.76% higher than the existing method.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. dlink firmwares website. http://files.dlink.com.au/Products/

  2. Bellard, F.: QEMU, a fast and portable dynamic translator. In: 2005 Proceedings of the Annual Conference on USENIX Annual Technical Conference (2005)

    Google Scholar 

  3. Ding, S.H.H., Fung, B.C.M., Charland, P.: Asm2Vec: boosting static representation robustness for binary clone search against code obfuscation and compiler optimization. In: 2019 IEEE Symposium on Security and Privacy (SP) (2019)

    Google Scholar 

  4. Durumeric, Z., et al.: The matter of heartbleed. In: Proceedings of the 2014 Conference on Internet Measurement Conference, pp. 475–488 (2014)

    Google Scholar 

  5. Feng, Q., Zhou, R., Xu, C., Cheng, Y., Testa, B., Yin, H.: Scalable graph-based bug search for firmware images. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 480–491 (2016)

    Google Scholar 

  6. Gao, J., Yang, X., Fu, Y., Jiang, Y., Sun, J.: VulSeeker: a semantic learning based vulnerability. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering - ASE 2018, Montpellier, France, 03–09 September 2018. ACM Press (2018)

    Google Scholar 

  7. Hu, Y., Zhang, Y., Li, J., Gu, D.: Binary code clone detection across architectures and compiling configurations. In: 2017 IEEE/ACM 25th International Conference on Program Comprehension (ICPC), pp. 88–98. IEEE (2017)

    Google Scholar 

  8. Nethercote, N., Seward, J.: Valgrind: a framework for heavyweight dynamic binary instrumentation. ACM Sigplan Not. 42(6), 89–100 (2007)

    Article  Google Scholar 

  9. Heartbleed OpenSSL bug CVE-2014-0160. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

  10. Sarabi, A., Liu, M.: Characterizing the internet host population using deep learning: a universal and lightweight numerical embedding. In: 2018 Proceedings of the Internet Measurement Conference, pp. 133–146 (2018)

    Google Scholar 

  11. Xu, X., Liu, C., Feng, Q., Yin, H., Song, L., Song, D.: Neural network-based graph embedding for cross-platform binary code similarity detection. CoRR abs/1708.06525 (2017). http://arxiv.org/abs/1708.06525

Download references

Acknowledgements

This work is supported by the National Key R&D Program of China (Grant No.2018YFB0803402), the National Natural Science Foundation of China (Grant 61702503, Grant U1766215 and Grant 61802016, the Interdisciplinary Research Project for Young Teachers of USTB (Fundamental Research Funds for the Central Universities) under Grant FRF-IDRY-19-016, the National Social Science Foundation of China under Grant 17ZDA331.

Author information

Authors and Affiliations

  1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China

    Xulun Hu, Weidong Zhang, Hong Li, Zhaoteng Yan, Xiyue Wang & Limin Sun

  2. School of Software and Microelectronics, Peking University, Beijing, China

    Xulun Hu

  3. School of Computer and Communication Engineering, University of Science and Technology Beijing, Beijing, China

    Yan Hu

Authors
  1. Xulun Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Weidong Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hong Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yan Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Zhaoteng Yan
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Xiyue Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Limin Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hong Li .

Editor information

Editors and Affiliations

  1. Shandong University, Qingdao, China

    Dongxiao Yu

  2. TU Berlin, Berlin, Germany

    Falko Dressler

  3. Qilu University of Technology, Jinan, China

    Jiguo Yu

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Hu, X. et al. (2020). VES: A Component Version Extracting System for Large-Scale IoT Firmwares. In: Yu, D., Dressler, F., Yu, J. (eds) Wireless Algorithms, Systems, and Applications. WASA 2020. Lecture Notes in Computer Science(), vol 12385. Springer, Cham. https://doi.org/10.1007/978-3-030-59019-2_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-59019-2_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-59018-5

  • Online ISBN: 978-3-030-59019-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation