Enhancing IoT Security: A Full-System Simulation Dynamic Taint Analysis Framework for Firmware
2023 3rd International Conference on Electronic Information Engineering and Computer (EIECT)(2023)
Abstract
Dynamic taint analysis is a common and efficient technique in program analysis. IoT devices are widespread and generally have weak protection, making them a hotspot for vulnerabilities. Although some dynamic taint analysis tools and frameworks have been proposed for IoT firmware, they all suffer from one or more issues: performance degradation, lack of generality, or being limited to user mode only. We propose a cross-platform, full-system simulation dynamic taint analysis framework for IoT firmware, Firmware Dynamic Taint Analysis Framework (FDTAF). FDTAF provides a novel Virtual Machine Introspection (VMI) combined with bit-level taint propagation at TCG layer of QEMU. Additionally, we provide analysis tools for the generated taint data flow to improve the usability of dynamic taint analysis when analyzing IoT devices. The implementation of FDTAF includes 1680 lines of C++ code, 9490 lines of C code, and 320 lines of Python code. We present a comparison of the applicability of FDTAF and DECAF in firmware analysis and validate the practicality of the analysis framework using real-world vulnerabilities.
MoreTranslated text
Key words
dynamic taint analysis,full-system simulation,IoT vulnerabilities analysis
求助PDF
上传PDF
View via Publisher
AI Read Science
AI Summary
AI Summary is the key point extracted automatically understanding the full text of the paper, including the background, methods, results, conclusions, icons and other key content, so that you can get the outline of the paper at a glance.
Example
Background
Key content
Introduction
Methods
Results
Related work
Fund
Key content
- Pretraining has recently greatly promoted the development of natural language processing (NLP)
- We show that M6 outperforms the baselines in multimodal downstream tasks, and the large M6 with 10 parameters can reach a better performance
- We propose a method called M6 that is able to process information of multiple modalities and perform both single-modal and cross-modal understanding and generation
- The model is scaled to large model with 10 billion parameters with sophisticated deployment, and the 10 -parameter M6-large is the largest pretrained model in Chinese
- Experimental results show that our proposed M6 outperforms the baseline in a number of downstream tasks concerning both single modality and multiple modalities We will continue the pretraining of extremely large models by increasing data to explore the limit of its performance
Upload PDF to Generate Summary
Must-Reading Tree
Example
Generate MRT to find the research sequence of this paper
Related Papers
Data Disclaimer
The page data are from open Internet sources, cooperative publishers and automatic analysis results through AI technology. We do not make any commitments and guarantees for the validity, accuracy, correctness, reliability, completeness and timeliness of the page data. If you have any questions, please contact us by email: report@aminer.cn
Chat Paper