Proposal of a Middleware to Support Development of IoT Firmware Analysis Tools

Abstract

AbstractAlthough Internet of Things (IoT) devices have made our lives increasingly convenient, there have been many reports of vulnerabilities, such as information leakage and use of these devices as springboards for attacks. To detect vulnerabilities in IoT devices, many vulnerability detection methods using firmware analysis have been proposed by many researches. The general flow of vulnerability detection is to load firmware into an analysis program called an SRE (software reverse engineering) tool and then apply the original algorithm of each program under study to find vulnerabilities. However, firmware analysis requires complex analysis preparation before applying proprietary algorithms, and the development cost of analysis preparation is burdensome for researchers. In this study, we surveyed research on firmware vulnerability detection. We chose ten studies on vulnerability detection. The results of our survey showed that the commonly used functions for firmware analysis are firmware splitting, static strings, graphs, and network functions. Also despite the fact that many studies use similar functions, all of them were developed by each study. According to the survey result, we propose a middleware that standardizes analysis preparation. By using our middleware, researchers do not need to develop a basic function of finding vulnerability. This ability will reduce the development cost of preparing for analysis and allow researchers to spend more time developing vulnerability detection algorithms, which is this project’s original purpose.KeywordsIoTFirmware analysisStatic analysisBackdoor