Backdoor detection in embedded system firmware without file system
Any embedded system firmware without file system will integrate its system code and user application code into a single file.This setting has brought some additional difficulties to analyze them.Aimed at this kind of firmware,the problem of library function identification was analyzed,and several he...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2013-08-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.08.018/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539796941406208 |
|---|---|
| author | Chao-jian HU Yi-bo XUE Liang ZHAO Zhou-jun LI |
| author_facet | Chao-jian HU Yi-bo XUE Liang ZHAO Zhou-jun LI |
| author_sort | Chao-jian HU |
| collection | DOAJ |
| description | Any embedded system firmware without file system will integrate its system code and user application code into a single file.This setting has brought some additional difficulties to analyze them.Aimed at this kind of firmware,the problem of library function identification was analyzed,and several heuristic methods to recognize some important function relevant with manipulating network socket and character string / memory were proposed.Based on this analysis,the backdoor detection problem of some typical types including unauthorized listener,unintended function,hidden function,outward connection request etc.were discussed,and several backdoors (one is critical level) in a real world firmware were found.The result shows this method of identifying library function can be useful for security analysis to this type of firmware. |
| format | Article |
| id | doaj-art-36965ba666104d35b0a75f75794fe5eb |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2013-08-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-36965ba666104d35b0a75f75794fe5eb2025-01-14T06:41:07ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2013-08-013414014559674360Backdoor detection in embedded system firmware without file systemChao-jian HUYi-bo XUELiang ZHAOZhou-jun LIAny embedded system firmware without file system will integrate its system code and user application code into a single file.This setting has brought some additional difficulties to analyze them.Aimed at this kind of firmware,the problem of library function identification was analyzed,and several heuristic methods to recognize some important function relevant with manipulating network socket and character string / memory were proposed.Based on this analysis,the backdoor detection problem of some typical types including unauthorized listener,unintended function,hidden function,outward connection request etc.were discussed,and several backdoors (one is critical level) in a real world firmware were found.The result shows this method of identifying library function can be useful for security analysis to this type of firmware.http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.08.018/embedded systemfirmwarefile systemlibrary function identificationbackdoor detection |
| spellingShingle | Chao-jian HU Yi-bo XUE Liang ZHAO Zhou-jun LI Backdoor detection in embedded system firmware without file system Tongxin xuebao embedded system firmware file system library function identification backdoor detection |
| title | Backdoor detection in embedded system firmware without file system |
| title_full | Backdoor detection in embedded system firmware without file system |
| title_fullStr | Backdoor detection in embedded system firmware without file system |
| title_full_unstemmed | Backdoor detection in embedded system firmware without file system |
| title_short | Backdoor detection in embedded system firmware without file system |
| title_sort | backdoor detection in embedded system firmware without file system |
| topic | embedded system firmware file system library function identification backdoor detection |
| url | http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.08.018/ |
| work_keys_str_mv | AT chaojianhu backdoordetectioninembeddedsystemfirmwarewithoutfilesystem AT yiboxue backdoordetectioninembeddedsystemfirmwarewithoutfilesystem AT liangzhao backdoordetectioninembeddedsystemfirmwarewithoutfilesystem AT zhoujunli backdoordetectioninembeddedsystemfirmwarewithoutfilesystem |