Automated Vulnerability Detection in Embedded Devices - Advances in Digital Forensics XIV
Conference Papers Year : 2018

Automated Vulnerability Detection in Embedded Devices

Abstract

Embedded devices are widely used today and are rapidly being incorporated in the Internet of Things that will permeate every aspect of society. However, embedded devices have vulnerabilities such as buffer overflows, command injections and backdoors that are often undocumented. Malicious entities who discover these vulnerabilities could exploit them to gain control of embedded devices and conduct a variety of criminal activities.Due to the large number of embedded devices, non-standard codebases and complex control flows, it is extremely difficult to discover vulnerabilities using manual techniques. Current automated vulnerability detection tools typically use static analysis, but the detection accuracy is not high. Some tools employ code execution; however, this approach is inefficient, detects limited types of vulnerabilities and is restricted to specific architectures. Other tools use symbolic execution, but the level of automation is not high and the types of vulnerabilities they uncover are limited. This chapter evaluates several advanced vulnerability detection techniques used by current tools, especially those involving automated program analysis. These techniques are leveraged in a new automated vulnerability detection methodology for embedded devices.
Fichier principal
Vignette du fichier
472401_1_En_17_Chapter.pdf (202.77 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01988845 , version 1 (22-01-2019)

Licence

Identifiers

Cite

Danjun Liu, Yong Tang, Baosheng Wang, Wei Xie, Bo Yu. Automated Vulnerability Detection in Embedded Devices. 14th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2018, New Delhi, India. pp.313-329, ⟨10.1007/978-3-319-99277-8_17⟩. ⟨hal-01988845⟩
117 View
333 Download

Altmetric

Share

More