Litcius/Paper detail

FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis

Mingeun Kim, Dongkwan Kim, Eun‐Soo Kim, Suryeon Kim, Yeongjin Jang, Yongdae Kim

2020Annual Computer Security Applications Conference109 citationsDOI

Abstract

One approach to assess the security of embedded IoT devices is applying dynamic analysis such as fuzz testing to their firmware in scale. To this end, existing approaches aim to provide an emulation environment that mimics the behavior of real hardware/peripherals. Nonetheless, in practice, such approaches can emulate only a small fraction of firmware images. For example, Firmadyne, a state-of-the-art tool, can only run 183 (16.28%) of 1,124 wireless router/IP-camera images that we collected from the top eight manufacturers. Such a low emulation success rate is caused by discrepancy in the real and emulated firmware execution environment.

Topics & Concepts

FirmwareEmulationComputer scienceEmbedded systemInternet of ThingsRouterMicrocodeScale (ratio)WirelessOperating systemComputer networkEconomic growthQuantum mechanicsEconomicsPhysicsAdvanced Malware Detection TechniquesSoftware Testing and Debugging TechniquesSoftware Reliability and Analysis Research
FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis | Litcius