Abstract

The security situation of the Internet of Things (IoT) is particularly severe, and a large number of IoT devices are prone to vulnerabilities. In this study, we present FIRMCORN, the first vulnerability-oriented fuzzer for IoT firmware. Based on the novel technique of optimized virtual execution, FIRMCORN addresses three typical problems of IoT firmware fuzzing: (1) the high throughput required by fuzzing, (2) the inaccuracy of emulation compared with real devices, and (3) the instability of emulation due to the lack of hardware. We optimize both the initial environment and the execution process of virtual execution to achieve faster, more accurate, and more stable fuzz testing. To improve the efficiency of vulnerability mining with FIRMCORN, a vulnerable-code search algorithm is designed that selects fuzzing entry points according to the characteristics of IoT firmware; this vulnerability-oriented fuzzing is then applied to real IoT device firmware. Our evaluation shows that the optimized virtual execution used by FIRMCORN significantly improves throughput, accuracy, and stability compared with conventional virtual execution. Running for only 2 hours on a single machine, FIRMCORN found two 0-day vulnerabilities. Thus, compared with the current state-of-the-art IoT firmware fuzzing framework, FIRMCORN mines vulnerabilities in real-world devices more effectively.

Highlights

  • In recent years, various Internet of Things (IoT) devices have begun to access the Internet on a large scale, profoundly changing people’s lifestyles; the number of IoT devices is expected to exceed several times the global population by 2022 [1]

  • We present FIRMCORN, a vulnerability-oriented IoT firmware fuzzing framework based on optimized virtual execution

  • We verify whether the proposed method solves the difficulties of IoT firmware fuzzing and test the effectiveness of FIRMCORN vulnerability discovery


Summary

Introduction

Various Internet of Things (IoT) devices have begun to access the Internet on a large scale, profoundly changing people's lifestyles; the number of IoT devices is expected to exceed several times the global population by 2022 [1]. Attackers can exploit vulnerabilities in IoT firmware to control the devices, and even an entire IoT system, because such a system often comprises a large number of identical devices. IoT firmware architecture is diverse and device dependent, so firmware analysis and vulnerability mining are difficult.

A. IoT FIRMWARE

Firmware is a binary program stored in an EEPROM or a flash chip. Low-level firmware mainly resides in EEPROM and is difficult to modify or update; high-level firmware usually resides in flash. Firmware typically comprises a firmware header, bootloader, system kernel, and file system, and because IoT devices have limited computing resources and storage space, it is usually flashed onto the device in compressed form. To analyse a firmware program, understand the device's behaviour, and find its potential vulnerabilities, a debugging environment must be set up that combines static analysis with dynamic debugging.
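As an added illustration of the firmware layout described above (this is not code from the FIRMCORN paper or its authors), the following Python scans a raw firmware image for the magic values of the components a practitioner expects to find (a U-Boot legacy "uImage" header wrapping a compressed kernel, a gzip or xz stream, and a SquashFS root file system), validates each candidate header before reporting it, and prints the offsets. The header layouts and constants are those of the U-Boot legacy image header and the SquashFS v4 superblock; the sample image is constructed inline and is not a real vendor firmware.

```python
"""Carve the components of a raw IoT firmware image by magic-value scanning.

Added example.  The firmware blob is constructed in build_sample_image(); it
stands in for a flash dump of bootloader + uImage kernel + root file system.
"""
import gzip
import struct
import zlib
from dataclasses import dataclass
from typing import List, Optional

UIMAGE_MAGIC = 0x27051956            # U-Boot legacy image header, big-endian
UIMAGE_HDR_LEN = 64
UIMAGE_COMP = {0: "none", 1: "gzip", 2: "bzip2", 3: "lzma", 4: "lzo"}
SQUASHFS_COMP = {1: "gzip", 2: "lzma", 3: "lzo", 4: "xz", 5: "lz4", 6: "zstd"}

# (magic bytes, kind).  A magic match is only a hint; describe() validates it,
# because a 3- or 4-byte pattern will eventually occur by chance inside
# compressed data.
SIGNATURES = [
    (struct.pack(">I", UIMAGE_MAGIC), "uimage"),
    (b"\x1f\x8b\x08", "gzip"),
    (b"\xfd7zXZ\x00", "xz"),
    (b"hsqs", "squashfs-le"),
    (b"sqsh", "squashfs-be"),
]


@dataclass
class Component:
    offset: int
    kind: str
    size: int       # payload length from the header; 0 when the header does not carry it
    detail: str


def describe(data: bytes, off: int, kind: str) -> Optional[Component]:
    """Validate the candidate header at `off` and return a Component, or None."""
    if kind == "uimage":
        if off + UIMAGE_HDR_LEN > len(data):
            return None
        hdr = bytearray(data[off:off + UIMAGE_HDR_LEN])
        (_, hcrc, _, size, load, ep, _, _, _, _, comp, name) = struct.unpack(
            ">IIIIIIIBBBB32s", bytes(hdr))
        hdr[4:8] = b"\x00" * 4                   # header CRC is computed with this field zeroed
        if zlib.crc32(bytes(hdr)) != hcrc:
            return None                          # rejects chance matches of the 4-byte magic
        name_s = name.split(b"\x00", 1)[0].decode("ascii", "replace")
        return Component(off, kind, size,
                         f"name={name_s!r} load=0x{load:08x} entry=0x{ep:08x} "
                         f"comp={UIMAGE_COMP.get(comp, comp)}")
    if kind == "gzip":
        if off + 10 > len(data) or data[off + 3] & 0xE0:   # reserved FLG bits must be zero
            return None
        return Component(off, kind, 0, "deflate stream (length known only after inflating)")
    if kind == "xz":
        return Component(off, kind, 0, "xz stream")
    if kind.startswith("squashfs"):
        if off + 48 > len(data):
            return None
        end = "<" if kind.endswith("le") else ">"
        (_, _, _, block_size, _, comp, block_log, _, _, major, minor, _,
         bytes_used) = struct.unpack_from(end + "4sIIIIHHHHHHQQ", data, off)
        if major != 4 or block_log > 20 or (1 << block_log) != block_size:
            return None                          # superblock fields must be self-consistent
        return Component(off, kind, bytes_used,
                         f"v{major}.{minor} block_size={block_size} "
                         f"comp={SQUASHFS_COMP.get(comp, comp)}")
    return None


def scan_firmware(data: bytes) -> List[Component]:
    """Return validated components sorted by offset (nested ones are reported too)."""
    found: List[Component] = []
    for magic, kind in SIGNATURES:
        pos = data.find(magic)
        while pos != -1:
            comp = describe(data, pos, kind)
            if comp is not None:
                found.append(comp)
            pos = data.find(magic, pos + 1)
    found.sort(key=lambda c: c.offset)
    return found


def build_sample_image() -> bytes:
    """Constructed firmware blob (not a real device image): 64-byte bootloader
    stub, uImage header wrapping a gzip kernel, 0xff padding, SquashFS superblock."""
    bootloader = b"U-Boot 2018.03 (constructed stub)".ljust(64, b"\x00")
    kernel = gzip.compress(b"\x7fELF" + b"vmlinux payload " * 32, mtime=0)
    # os=5 (Linux), arch=5 (MIPS), type=2 (kernel), comp=1 (gzip)
    fields = [UIMAGE_MAGIC, 0, 0, len(kernel), 0x80010000, 0x80010000,
              zlib.crc32(kernel), 5, 5, 2, 1, b"Linux-4.4.0"]
    hdr = struct.pack(">IIIIIIIBBBB32s", *fields)
    fields[1] = zlib.crc32(hdr)                  # header CRC over the header with hcrc=0
    hdr = struct.pack(">IIIIIIIBBBB32s", *fields)
    sb = bytearray(96)                           # SquashFS v4 superblock, little-endian
    struct.pack_into("<4sIIIIHHHHHHQQ", sb, 0, b"hsqs", 1234, 0, 131072, 17,
                     4, 17, 0xC0, 3, 4, 0, 0, 2_000_000)
    return bootloader + hdr + kernel + b"\xff" * 7 + bytes(sb)


if __name__ == "__main__":
    for c in scan_firmware(build_sample_image()):
        print(f"0x{c.offset:06x}  {c.kind:12s} size={c.size:<8d} {c.detail}")
```

The uImage hit and the gzip hit 64 bytes after it are the same kernel seen at two layers, which is the normal nesting in such images; the CRC and superblock checks are what keep a scanner like this from reporting every coincidental byte pattern in compressed data as a component.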
