Abstract
Cyberattacks targeting vulnerabilities in Internet of Things (IoT) devices are increasing in number annually. Accordingly, various methods and analysis tools for IoT vulnerability detection have been proposed. Each analysis tool focuses on a specific vulnerability; therefore, it is necessary to use different analysis tools to detect multiple vulnerabilities. However, the currently available analysis tools often suffer from installation errors and are difficult to use effectively. Therefore, we propose a middleware for static analysis of IoT firmware that can be equipped with multiple vulnerability-detection algorithms. Using our middleware, multiple vulnerability-detection algorithms can be combined into a single analysis tool. Our results were compared with those of Karonte, the most popular analysis tool in terms of capability.
Acknowledgements
This work was supported by JSPS KAKENHI Grant Numbers JP21H03496, JP22K12157, JP23H03688 and SEI Group CSR Foundation.
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Yoda, M., Nakamura, S., Sei, Y., Tahara, Y., Ohsuga, A. (2024). A Scalable Middleware for IoT Vulnerability Detection. In: Lee, R. (eds) Networking and Parallel/Distributed Computing Systems. Studies in Computational Intelligence, vol 1125. Springer, Cham. https://doi.org/10.1007/978-3-031-53274-0_7
DOI: https://doi.org/10.1007/978-3-031-53274-0_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-53273-3
Online ISBN: 978-3-031-53274-0
eBook Packages: Intelligent Technologies and Robotics (R0)