Filters








19,911 Hits in 6.7 sec

Automated Dynamic Firmware Analysis at Scale

Andrei Costin, Apostolis Zarras, Aurélien Francillon
2016 Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security - ASIA CCS '16  
The observations we make in this paper shed light on an important aspect of embedded devices which was not previously studied at a large scale.  ...  To reach this goal, we perform full system emulation to achieve the execution of firmware images in a software-only environment, i.e., without involving any physical embedded devices.  ...  ACKNOWLEDGMENTS The research was partially supported by the German Federal Ministry of Education and Research under grant 16KIS0328 (IUNO).  ... 
doi:10.1145/2897845.2897900 dblp:conf/ccs/CostinZF16 fatcat:yo446w3fuzf7vojtl6oke7xipy

Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces [article]

Andrei Costin and Apostolis Zarras and Aurélien Francillon
2015 arXiv   pre-print
The observations we make in this paper shed light on an important aspect of embedded devices which was not previously studied at a large scale.  ...  To achieve this goal, our framework performs full system emulation to achieve the execution of firmware images in a software-only environment, i.e., without involving any physical embedded devices.  ...  Further we want to extend our system with more sophisticated dynamic analysis techniques that allow a more in-depth study of vulnerabilities within each firmware image.  ... 
arXiv:1511.03609v1 fatcat:t5uafot525du7efqxgcfqenvga

FIRMCORN: Vulnerability-Oriented Fuzzing of IoT Firmware via Optimized Virtual Execution

Zhijie Gui, Hui Shu, Fei Kang, Xiaobing Xiong
2020 IEEE Access  
The security situation of the Internet of Things (IoT) is particularly severe, and a large number of IoT devices are prone to vulnerabilities.  ...  with real devices, and (3) instability of emulation due to lack of hardware.  ...  This method is suitable for large-scale and parallel analysis and can collect a large number of firmware for automated testing.  ... 
doi:10.1109/access.2020.2973043 fatcat:zxa3qnklzne7bn6oxzmddgryei

Finding Software Bugs in Embedded Devices [chapter]

Aurélien Francillon, Sam L. Thomas, Andrei Costin
2021 Security of Ubiquitous Computing Systems  
These differences have an impact on our ability to find software bugs in such systems.  ...  This chapter discusses how software vulnerabilities can be identified, at different stages of the software life-cycle, for example during development, during integration of the different components, during  ...  It is therefore not easily adaptable for large-scale analysis.  ... 
doi:10.1007/978-3-030-10591-4_11 fatcat:i6qrvggrlbak7bntqljgfjerqi

Throwing a MonkeyWrench into Web Attackers Plans [chapter]

Armin Büscher, Michael Meier, Ralf Benzmüller
2010 Lecture Notes in Computer Science  
as dynamic analysis of scripts by execution in an emulated browser environment.  ...  Drive-by downloads are able to automatically infect a victim's system during a single visit of a crafted web page testing various vulnerabilities and installing e.g. malware files or illegal content without  ...  a page and running JavaScript in an emulated browser environment for dynamic analysis.  ... 
doi:10.1007/978-3-642-13241-4_4 fatcat:2plem3ytvnbizjtr3onhr44hty

The Nepenthes Platform: An Efficient Approach to Collect Malware [chapter]

Paul Baecher, Markus Koetter, Thorsten Holz, Maximillian Dornseif, Felix Freiling
2006 Lecture Notes in Computer Science  
We present the nepenthes platform, a framework for large-scale collection of information on self-replicating malware in the wild.  ...  The basic principle of nepenthes is to emulate only the vulnerable parts of a service.  ...  Finally, an empirical analysis of the effectiveness of a distributed nepenthes setup is desirable.  ... 
doi:10.1007/11856214_9 fatcat:qaydx546ezhp5gi2o5f2fcc2lq

Tools for worm experimentation on the DETER testbed

Songjie Wei, Alefiya Hussain, Jelena Mirkovic, Calvin Ko
2010 International Journal of Communication Networks and Distributed Systems  
We have developed two tools for the DETER testbed to aid in worm experimentation: the PAWS simulator for Internet-wide worm propagation studies and the WE emulator for analysis of worm spread and defense  ...  Worm experimentation is challenging for researchers today because of the lack of standardized tools to simulate and emulate worm spreads in a realistic setting.  ...  Our PArallel Worm Simulator or PAWS [4] is an Internet-scale worm spread simulator, designed for scalability and with a realistic model of Internet environment.  ... 
doi:10.1504/ijcnds.2010.033972 fatcat:nyw3ojqyajeklfs3skv6s3oj5q

A Survey of SCADA Testbed Implementation Approaches

Qais Qassim, Norziana Jamil, Izham Zainal Abidin, Mohd. Ezanee Rusli, Salman Yussof, Roslan Ismail, Fairuz Abdullah, Norhamadi Ja'afar, Hafizah Che Hasan, Maslina Daud
2017 Indian Journal of Science and Technology  
Methods/Statistical Analysis: Cyber attacks exploit SCADA security vulnerabilities in order to take control or disrupt the normal operation of the system.  ...  Such situation calls for the need of an experimental setup equivalent or quite close to the real scenario for developing and testing security solutions.  ...  available application for simulating the operations of large scale power distribution systems. 27 The study demonstrated three attack scenarios and showed the vulnerability of the network client to  ... 
doi:10.17485/ijst/2017/v10i26/116775 fatcat:qmmt67begzhzjdu6zn7alzxucu

Tools for worm experimentation on the DETER testbed

Songjie Wei, Calvin Ko, Jelena Mirkovic, Alefiya Hussain
2009 2009 5th International Conference on Testbeds and Research Infrastructures for the Development of Networks & Communities and Workshops  
We have developed two tools for the DETER testbed to aid in worm experimentation: the PAWS simulator for Internet-wide worm propagation studies and the WE emulator for analysis of worm spread and defense  ...  Worm experimentation is challenging for researchers today because of the lack of standardized tools to simulate and emulate worm spreads in a realistic setting.  ...  Our PArallel Worm Simulator or PAWS [4] is an Internet-scale worm spread simulator, designed for scalability and with a realistic model of Internet environment.  ... 
doi:10.1109/tridentcom.2009.4976194 dblp:conf/tridentcom/WeiKMH09 fatcat:w3nzvyo7ffhnzee7cxc6qez37m

WebPatrol

Kevin Zhijie Chen, Guofei Gu, Jianwei Zhuge, Jose Nazario, Xinhui Han
2011 Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security - ASIACCS '11  
Based on the collections, we provide the capability for offline "live" replay, i.e., an end user (e.g., an analyst) can faithfully experience the original infection trail based on her current client environment  ...  By leveraging the large population of (insecure) web sites and exploiting the vulnerabilities at client-side modern (complex) browsers (and their extensions), web-based malware becomes one of the most  ...  While the exploit pages are important for vulnerability analysis and signature generation, we consider all intermediate (landing/hopping) sites are also vital in the analysis and defense of large-scale  ... 
doi:10.1145/1966913.1966938 dblp:conf/ccs/ChenGZNH11 fatcat:pcijytnuuzhptj2q5fgsn5tbr4

Security research and learning environment based on scalable network emulation

2017 Tehnički Vjesnik  
This approach provides a unified testing environment that is efficient and straightforward to use. The emulated environment also couples as a portable and intuitive training tool.  ...  Studying attacks needs to be coupled with security evaluation of currently deployed systems that are affected by them.  ...  After the analysis, the collected data can be also used to reproduce the attack in an isolated environment.  ... 
doi:10.17559/tv-20150720150638 fatcat:mrtverit6bdbpdsvzhdyd4hyxq

The V-network testbed for malware analysis

Muhammad Aminu Ahmad, Steve Woodhead, Diane Gan
2016 2016 International Conference on Advanced Communication Control and Computing Technologies (ICACCCT)  
This paper presents a virtualised network environment that serves as a stable and re-usable platform for the analysis of malware propagation.  ...  The virtualised environment uses open source routing software to support the deployment of intrusion detection systems and other malware attack sensors, and is therefore suitable for evaluating countermeasure  ...  Nevertheless, emulation systems such as DETERLab and Emulab have a limited scale of experiments and physical resources available for users; therefore, they are not suitable for large scale experimentation  ... 
doi:10.1109/icaccct.2016.7831716 fatcat:wkvjenqkubavbpi2tipjk2xpo4

From prey to hunter

Ang Cui, Jatin Kataria, Salvatore J. Stofo
2011 Proceedings of the 27th Annual Computer Security Applications Conference on - ACSAC '11  
detecting and capturing successful attacks against itself for analysis.  ...  Our global communication infrastructures are powered by large numbers of legacy embedded devices.  ...  Recent studies suggest that large populations of vulnerable embedded devices on the Internet are ripe for exploitation [8] .  ... 
doi:10.1145/2076732.2076788 dblp:conf/acsac/CuiKS11 fatcat:2ykyvfyec5bvpmrixvp7urw5qi

Hypervisor Security Analyses Based on Ishikawa Methodology

Svetlana Kolesnikova
2018 Journal of Computers  
System vulnerabilities and incidents are paid attention at a micro level rather than addressing larger scale threat scenarios and patterns and further risk mitigation strategies development.  ...  The Fishbone diagram is an analysis tool that provides a systematic way of looking at effects and the causes that create or contribute to those effects.  ...  Attack Surface in Virtualization Environment Virtualization is seen as an efficient solution for optimum use of hardware.  ... 
doi:10.17706/jcp.13.5.511-518 fatcat:no7qam5f5rd4bj4p52hh2k4xzu

SoK: Enabling Security Analyses of Embedded Systems via Rehosting

Andrew Fasano, Tiemoko Ballo, Marius Muench, Tim Leek, Alexander Bulekov, Brendan Dolan-Gavitt, Manuel Egele, Aurélien Francillon, Long Lu, Nick Gregory, Davide Balzarotti, William Robertson
2021 Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security  
In this paper, we establish that emulation is insufficient to conduct large-scale dynamic analysis of real-world hardware systems and present rehosting as a firmwarecentric alternative.  ...  This kind of dynamic analysis can be instrumental to reverse engineering, vulnerability discovery, exploit development, and debugging.  ...  ACKNOWLEDGMENTS The authors wish to thank the following individuals for their contributions and support: Lindsey  ... 
doi:10.1145/3433210.3453093 fatcat:6n2oqca4abgjfeubk4d4ccostm
« Previous Showing results 1 — 15 out of 19,911 results