TY - GEN
T1 - A search-based firmware code analysis method for IoT devices
AU - Xu, Yifei
AU - Liu, Ting
AU - Liu, Pengfei
AU - Sun, Hong
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/8/10
Y1 - 2018/8/10
N2 - The firmware vulnerability is one of the most serious threats for Internet-of-Things (IoT) security. However, it is hard to investigate firmware, due to the lack of source code and the complicated structure. In this paper, a searchbased firmware code analysis method is proposed to associate the program functionalities with the assembly code. In the experiment, the firmware of Siemens PAC4200 power meter is selected to demonstrate how to search the assembly code of device information interface. Moreover, one vulnerability of this interface is shown, which would be exploited to manipulate the data of device.
AB - The firmware vulnerability is one of the most serious threats for Internet-of-Things (IoT) security. However, it is hard to investigate firmware, due to the lack of source code and the complicated structure. In this paper, a searchbased firmware code analysis method is proposed to associate the program functionalities with the assembly code. In the experiment, the firmware of Siemens PAC4200 power meter is selected to demonstrate how to search the assembly code of device information interface. Moreover, one vulnerability of this interface is shown, which would be exploited to manipulate the data of device.
KW - Firmware Code Analysis
KW - Internet-of-Things
KW - Security
UR - https://www.scopus.com/pages/publications/85052581963
U2 - 10.1109/CNS.2018.8433163
DO - 10.1109/CNS.2018.8433163
M3 - 会议稿件
AN - SCOPUS:85052581963
SN - 9781538645864
T3 - 2018 IEEE Conference on Communications and Network Security, CNS 2018
BT - 2018 IEEE Conference on Communications and Network Security, CNS 2018
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 6th IEEE Conference on Communications and Network Security, CNS 2018
Y2 - 30 May 2018 through 1 June 2018
ER -