February 1, 2025 at 11:03 AM•Max Knyazev is typing…Telegram mirror
It's time to start releasing more posts on the channel's actual topic... I thought so recently, and that's why you're reading this now
The other day I came across a cool scientific paper in which a group from Fudan University (the one in China 🇨🇳) proposed a method for detecting recurring vulnerabilities in IoT device firmware. Interesting? I'll tell you about it now 👨‍💻
The paper is called "Accurate and Efficient Recurring Vulnerability Detection for IoT Firmware", and the authors' solution is FirmRec (yes, they put it on GitHub, so it's officially open source 🎁). I liked the paper so much that I downloaded it and attached it to this post so you can read it yourself without any trouble. And now, in order 🧐
What's the point?
The authors note that much IoT firmware is closed-source and contains vulnerabilities that migrate from one device to another (the same vulnerable code gets reused across products). Without source code they are hard to fight, and classical methods (static analysis, etc.) may miss a number of them. This is where FirmRec comes in 🧠
It works at the binary level, so it needs no source code at all. The main feature is "exploitation-based" vulnerability signatures: instead of looking for familiar code patterns, the signature describes how the known vulnerability is actually exploited, that is, which attacker-controlled input entry reaches which dangerous operation (the sink), and on what conditions along the way
Another important point is concolic execution. This is a hybrid method of program analysis: the program is run on real, concrete input, while the analyzer simultaneously tracks, symbolically, how that input flows into each branch condition it passes. The recorded conditions can then be handed to a constraint solver to produce new concrete inputs that take the other branches. The result is an automatic search for the path from the input entry to the critical point. Thanks to this, FirmRec reports and confirms only those places where the vulnerability can actually be triggered (I know it's complicated, but explaining it properly would take a whole lecture) 🤯
To make everything faster and more accurate, the authors split the check into two stages. First comes a quick scan of the firmware looking for entry points similar to the one in the signature. Only for the candidates found does the heavy artillery, concolic analysis, get switched on. This scheme significantly reduces false positives and saves resources overall 🤑
The test results are impressive. FirmRec was evaluated on 320 firmware images and found 642 vulnerabilities. The authors compared it with other tools, and FirmRec showed better accuracy (precision/recall) and higher speed across the board. On top of that, it works across different CPU architectures, which matters a lot in the IoT world 🤷‍♀
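To make the three ideas above concrete (a signature naming the input entry and the sink, concolic exploration that records path constraints and flips them, and the cheap-then-expensive two-stage pipeline), here is a toy Python model added for this post. It is not FirmRec's code and does not use its GitHub repository; the "firmware images", their handlers, the `ssid` parameter name, the buffer sizes and the brute-force solver are all constructed for illustration. A real tool works on disassembled binaries with a real SMT solver, not on Python functions and a loop over 0..1024.

```python
"""Toy two-stage recurring-vulnerability check (added example, not FirmRec).

Stage 1: cheap scan keeping only images that mention the signature's entry
keyword and import its sink.  Stage 2: a tiny concolic executor runs each
candidate's handler on a concrete length, records every branch as a path
constraint, flips constraints to reach new paths, and confirms the sink only
if some path admits a length that overflows the destination buffer.
"""
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Signature:
    entry: str   # attacker-controlled input entry, here a web parameter name
    sink: str    # dangerous callee that the known exploit ends in

@dataclass(frozen=True)
class SinkHit:
    callee: str
    buf_size: int  # destination buffer size at the sink

# Predicates over n, the length of the attacker-controlled parameter.
OPS = {"<": lambda n, k: n < k, "<=": lambda n, k: n <= k,
       ">": lambda n, k: n > k, ">=": lambda n, k: n >= k}

class Sym:
    """Symbolic length: each comparison is decided on the concrete value and
    appended to the path condition as (op, k, branch_taken)."""
    def __init__(self, concrete: int, path: list):
        self.v, self.path = concrete, path
    def _cmp(self, op, k):
        taken = OPS[op](self.v, k)
        self.path.append((op, k, taken))
        return taken
    def __lt__(self, k): return self._cmp("<", k)
    def __le__(self, k): return self._cmp("<=", k)
    def __gt__(self, k): return self._cmp(">", k)
    def __ge__(self, k): return self._cmp(">=", k)

def solve(conds, extra=None, domain=range(0, 1025)) -> Optional[int]:
    """Brute-force stand-in for an SMT solver: smallest n satisfying every
    recorded constraint (and `extra`, if given), or None if unsatisfiable."""
    for n in domain:
        if all(OPS[op](n, k) == taken for op, k, taken in conds) \
                and (extra is None or extra(n)):
            return n
    return None

def explore(handler, seed=1, max_paths=16):
    """Generational concolic search: run concretely, flip each recorded branch,
    solve the flipped prefix for a new concrete input, rerun until nothing new
    appears.  Returns [(path_condition, sink_or_None), ...]."""
    worklist, seen, results = [seed], set(), []
    while worklist and len(results) < max_paths:
        n = worklist.pop()
        if n in seen:
            continue
        seen.add(n)
        path: list = []
        hit = handler(Sym(n, path))
        results.append((tuple(path), hit))
        for i, (op, k, taken) in enumerate(path):
            m = solve(list(path[:i]) + [(op, k, not taken)])
            if m is not None and m not in seen:
                worklist.append(m)
    return results

def stage1_candidates(sig: Signature, firmware: dict) -> list:
    """Cheap filter: entry keyword among the image's strings and the sink in
    its import table.  No path reasoning yet, so false positives are expected."""
    return [name for name, img in firmware.items()
            if sig.entry in img["strings"] and sig.sink in img["imports"]]

def stage2_confirm(sig: Signature, handler) -> Optional[int]:
    """Shortest parameter length that reaches the sink AND overflows its
    buffer on some explored path; None means the candidate is rejected."""
    best = None
    for path, hit in explore(handler):
        if hit is None or hit.callee != sig.sink:
            continue
        n = solve(list(path), extra=lambda n, b=hit.buf_size: n >= b)
        if n is not None and (best is None or n < best):
            best = n
    return best

# Constructed "firmware": the same handler shape recurs across images.
def handler_v1(n):   # parameter copied into char buf[64]; only an upper bound is checked
    return None if n > 255 else SinkHit("strcpy", 64)

def handler_v2(n):   # same shape, but the bound check really protects buf[64]
    return None if n >= 64 else SinkHit("strcpy", 64)

def handler_cam(n):  # also ends in strcpy, but via a different input entry
    return SinkHit("strcpy", 128)

FIRMWARE = {
    "router_v1.bin": {"strings": {"ssid", "passwd"}, "imports": {"strcpy", "system"}, "handler": handler_v1},
    "router_v2.bin": {"strings": {"ssid", "passwd"}, "imports": {"strcpy"}, "handler": handler_v2},
    "camera_v3.bin": {"strings": {"rtsp_url"}, "imports": {"strcpy"}, "handler": handler_cam},
}

def run(sig: Signature, firmware=FIRMWARE) -> dict:
    """Stage 1 then stage 2; value is the witness length, or None if rejected."""
    return {name: stage2_confirm(sig, firmware[name]["handler"])
            for name in stage1_candidates(sig, firmware)}

if __name__ == "__main__":
    print(run(Signature(entry="ssid", sink="strcpy")))
    # {'router_v1.bin': 64, 'router_v2.bin': None}
```

The point of the toy is the second image: a pattern matcher sees the same `ssid` string and the same `strcpy` import in `router_v1.bin` and `router_v2.bin`, but only the path-constraint check notices that `v2`'s bound check makes the overflowing length unsatisfiable, which is exactly the class of false positive the two-stage design is meant to remove.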
It's genuinely impressive. Apparently, FirmRec has really proven that recurring vulnerabilities can be found faster and more accurately even when the source code is not at hand. Naturally, I can't vouch for it personally, but if it's really that good, then I can confidently say that our Chinese friends have taken a big, confident step towards a safer (and communist) Internet of Things
Hurray, comrades!
🍻
#internet_things
#information_security