yuanjie si,xiaohu yang,xinyu wang,chao huang,aleksander j kavs

DOI: https://doi.org/10.1109/ICCET.2010.5485256

2010-01-01

Abstract:In this paper, a bottom-up architecture-based reliability estimation framework for component based software systems is presented. The approach takes the component composition mechanisms and the utilization frequency of each component into account, and it is general for different architecture styles. We first propose five basic component composition mechanisms and their reliability representation methods. Then we show how to estimate the reliability of heterogeneous architectures using these basic component composition mechanisms through an iterative process. Finally a case study of a stock trading system is used to illustrate the application of our approach.

Wenyuan Xu

DOI: https://doi.org/10.1145/3579856.3596442

2023-01-01

Abstract:Vulnerabilities pose a significant challenge in ensuring cybersesecurity for information systems. In the past, vulnerabilities were mainly associated with functional defects in system software and hardware, known as "in-band vulnerabilities," whereby "band" refers to the functional domain. However, with the rapid development of the Internet of Things (IoT), new security issues have emerged that traditional vulnerability categorization may not fully cover. IoT devices rely on sensors and actuators to interact with the real world, but this interaction process between physical and digital systems has created defects that are difficult to analyze and detect. These defects include unintentional coupling effects of sensors from ambient analog signals or abnormal channels that were not intentionally designed, collectively known as "out-of-band vulnerabilities." Various security incidents have highlighted the prevalence of out-of-band vulnerabilities in IoT systems, and their activation can result in serious consequences. To address this issue, we propose a vulnerability categorization framework that includes out-of-band vulnerabilities and provides examples for each category. Our talk highlights the need to shift the research paradigm for system security to encompass both in-band and out-of-band vulnerabilities in the intelligence era. Finally, we explore potential solutions for mitigating out-of-band vulnerabilities and securing IoT devices.

Shengyi Pan,Lingfeng Bao,Xin Xia,David Lo,Shanping Li

DOI: https://doi.org/10.1109/icse48619.2023.00088

2023-01-01

Abstract:Identifying security patches via code commits to allow early warnings and timely fixes for Open Source Software (OSS) has received increasing attention. However, the existing detection methods can only identify the presence of a patch (i.e., a binary classification) but fail to pinpoint the vulnerability type. In this work, we take the first step to categorize the security patches into fine-grained vulnerability types. Specifically, we use the Common Weakness Enumeration (CWE) as the label and perform fine-grained classification using categories at the third level of the CWE tree. We first formulate the task as a Hierarchical Multi-label Classification (HMC) problem, i.e., inferring a path (a sequence of CWE nodes) from the root of the CWE tree to the node at the target depth. We then propose an approach named TREEVUL with a hierarchical and chained architecture, which manages to utilize the structure information of the CWE tree as prior knowledge of the classification task. We further propose a tree structure aware and beam search based inference algorithm for retrieving the optimal path with the highest merged probability. We collect a large security patch dataset from NVD, consisting of 6,541 commits from 1,560 GitHub OSS repositories. Experimental results show that TREEVUL significantly outperforms the best performing baselines, with improvements of 5.9%, 25.0%, and 7.7% in terms of weighted F1-score, macro F1-score, and MCC, respectively. We further conduct a user study and a case study to verify the practical value of TREEVUL in enriching the binary patch detection results and improving the data quality of NVD, respectively.

Binbin Zhao,Shouling Ji,Jiacheng Xu,Yuan Tian,Qiuyang Wei,Qinying Wang,Chenyang Lyu,Xuhong Zhang,Changting Lin,Jingzheng Wu,Raheem Beyah

DOI: https://doi.org/10.1145/3533767.3534366

2022-01-01

Abstract:As the core of IoT devices, firmware is undoubtedly vital. Currently, the development of IoT firmware heavily depends on third-party components (TPCs), which significantly improves the development efficiency and reduces the cost. Nevertheless, TPCs are not secure, and the vulnerabilities in TPCs will turn back influence the security of IoT firmware. Currently, existing works pay less attention to the vulnerabilities caused by TPCs, and we still lack a comprehensive understanding of the security impact of TPC vulnerability against firmware. To fill in the knowledge gap, we design and implement FirmSec, which leverages syntactical features and control-flow graph features to detect the TPCs at version-level in firmware, and then recognizes the corresponding vulnerabilities. Based on FirmSec, we present the first large-scale analysis of the usage of TPCs and the corresponding vulnerabilities in firmware. More specifically, we perform an analysis on 34,136 firmware images, including 11,086 publicly accessible firmware images, and 23,050 private firmware images from TSmart. We successfully detect 584 TPCs and identify 128,757 vulnerabilities caused by 429 CVEs. Our in-depth analysis reveals the diversity of security issues for different kinds of firmware from various vendors, and discovers some well-known vulnerabilities are still deeply rooted in many firmware images. We also find that the TPCs used in firmware have fallen behind by five years on average. Besides, we explore the geographical distribution of vulnerable devices, and confirm the security situation of devices in several regions, e.g., South Korea and China, is more severe than in other regions. Further analysis shows 2,478 commercial firmware images have potentially violated GPL/AGPL licensing terms.

Yifei Xu,Ting Liu,Pengfei Liu,Hong Sun

DOI: https://doi.org/10.1109/CNS.2018.8433163

2018-01-01

Abstract:The firmware vulnerability is one of the most serious threats for Internet-of-Things (IoT) security. However, it is hard to investigate firmware, due to the lack of source code and the complicated structure. In this paper, a searchbased firmware code analysis method is proposed to associate the program functionalities with the assembly code. In the experiment, the firmware of Siemens PAC4200 power meter is selected to demonstrate how to search the assembly code of device information interface. Moreover, one vulnerability of this interface is shown, which would be exploited to manipulate the data of device.

Binbin Zhao,Shouling Ji,Xuhong Zhang,Yuan Tian,Qinying Wang,Yuwen Pu,Chenyang Lyu,Raheem Beyah

2023-06-20

Abstract:Nowadays, IoT devices integrate a wealth of third-party components (TPCs) in firmware to shorten the development cycle. TPCs usually have strict usage specifications, e.g., checking the return value of the function. Violating the usage specifications of TPCs can cause serious consequences, e.g., NULL pointer dereference. Therefore, this massive amount of TPC integrations, if not properly implemented, will lead to pervasive vulnerabilities in IoT devices. Detecting vulnerabilities automatically in TPC integration is challenging from several perspectives: (1) There is a gap between the high-level specifications from TPC documents, and the low-level implementations in the IoT firmware. (2) IoT firmware is mostly the closed-source binary, which loses a lot of information when compiling from the source code and has diverse architectures. To address these challenges, we design and implement UVScan, an automated and scalable system to detect TPC usage violations in IoT firmware. In UVScan, we first propose a novel natural language processing (NLP)-based rule extraction framework, which extracts API specifications from inconsistently formatted TPC documents. We then design a rule-driven NLP-guided binary analysis engine, which maps the logical information from the high-level TPC document to the low-level binary, and detects TPC usage violations in IoT firmware across different architectures. We evaluate UVScan from four perspectives on four popular TPCs and six ground-truth datasets. The results show that UVScan achieves more than 70% precision and recall, and has a significant performance improvement compared with even the source-level API misuse detectors.

Cryptography and Security

Yisen Wang,Jianjing Shen,Jian Lin,Rui Lou

DOI: https://doi.org/10.1109/access.2019.2893733

IF: 3.9

2019-01-01

IEEE Access

Abstract:The security situation of the Internet of Things (IoT) is more serious than ever, and there is an urgent need to detect and patch device vulnerability rapidly. With the astronomical numbers of IoT devices, it is very difficult to execute regular security inspections. Existing vulnerability detection technology based on simple feature matching cannot reach high accuracy to detect firmware vulnerabilities while using a control flow graph matching directly has proven to be too expensive. To address the problem of accurate and efficient, we present a method of staged firmware vulnerability detection based on code similarity. The first stage, function embedding based on neural network is used to analyze the similarities among functions, and large-scale firmware security inspection can be achieved efficiently. The second stage, the similarity among function local call flow graphs is calculated for fine-grained firmware security analysis, and this stage can improve the accuracy of vulnerability detection. We compared our method with state-of-the-art approaches, and the experimental results demonstrate that our method is more accurate. The average retraining time of our method is 1 h, and the real-world firmware vulnerability detection experiment of our method demonstrates that the true positive rate of the top 30 is as high as 86%.

Binbin Zhao,Shouling Ji,Jiacheng Xu,Yuan Tian,Qiuyang Wei,Qinying Wang,Chenyang Lyu,Xuhong Zhang,Changting Lin,Jingzheng Wu,Raheem Beyah

DOI: https://doi.org/10.1109/tdsc.2023.3279846

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Currently, the development of IoT firmware heavily depends on third-party components (TPCs) to improve development efficiency. Nevertheless, TPCs are not secure, and the vulnerabilities in TPCs will influence the security of IoT firmware. Existing works pay less attention to the vulnerabilities caused by TPCs, and we still lack a comprehensive understanding of the security impact of TPC vulnerability against firmware. To fill in the knowledge gap, we design and implement FirmSec, which leverages syntactical features and control-flow graph features to detect the TPCs in firmware, and then recognizes the corresponding vulnerabilities. Based on FirmSec, we present the first large-scale analysis of the security risks raised by TPCs on 34,136 firmware images. We successfully detect 584 TPCs and identify 128,757 vulnerabilities caused by 429 CVEs. Our in-depth analysis reveals the diversity of security risks in firmware and discovers some well-known vulnerabilities are still rooted in firmware. Besides, we explore the geographical distribution of vulnerable devices and confirm that the security situation of devices in different regions varies. Our analysis also indicates that vulnerabilities caused by TPCs in firmware keep growing with the boom of the IoT ecosystem. Further analysis shows 2,478 commercial firmware images have potentially violated GPL/AGPL licensing terms.

Peng Liu,Yasu Cao,Yujun Yan,Yong Wang

DOI: https://doi.org/10.1109/access.2024.3378533

IF: 3.9

2024-03-27

IEEE Access

Abstract:With the continuous improvement of Internet of Things technology, Internet of Things devices are gradually popularized in people's lives and work, bringing convenience to people, but also there are many security risks. There are more and more types of attacks on IoT devices, and the security of their firmware has become a focus of attention. Aiming at firmware vulnerabilities in devices, a firmware vulnerability detection algorithm based on pattern-specific features and structural features is proposed in this study. The algorithm uses the two-stage method to filter and match the functions precisely, so as to find the functions matching the vulnerability functions. By reducing the local call graph from five layers to three layers, the algorithm operation and detection efficiency are improved, and the accurate matching method of weighted three-layer local call graph is implemented. The experimental results showed that the Top1 index value of the five-layer local call graph ranges from 81.99 to 90.19. The indexes of control flow chart and attribute control flow chart fluctuated greatly, ranging from 61.57 to 91.08 and 54.62 to 87.55, respectively. The Top1 index value of the weighted three-layer local call graph increased by 3.73%, and the average increased by 1.47%, indicating a significant improvement in the whole. It can be concluded that the firmware vulnerability detection algorithm based on the matching of pattern-specific numerical features and structural features can effectively find the function that actually matches the vulnerability function, and improve the efficiency of firmware vulnerability detection.

computer science, information systems,telecommunications,engineering, electrical & electronic

Daojing He,Hongjie Gu,Tinghui Li,Yongliang Du,Xiaolei Wang,Sencun Zhu,Nadra Guizani

DOI: https://doi.org/10.1109/mnet.011.2000450

IF: 10.294

2021-03-01

IEEE Network

Abstract:IoT devices are becoming increasingly ubiquitous because they have greatly simplified many aspects of our daily life and our work. However, most firmware in these embedded devices carry various security vulnerabilities, such as hard-cod-ed passwords, cryptographic keys, insecure configurations and backdoors. Recent large-scale attacks have demonstrated that the security vulnerabilities in IoT firmware have posed a severe threat to the Internet infrastructure. In this work, we design a hybrid platform to detect vulnerabilities in IoT firmware, which integrates both offline static detection and online dynamic detection. Our evaluation on real IoT devices shows that the proposed platform can effectively identify various security weaknesses and risks in firmware, such as dangerous processes, exploitable vulnerabilities, and other attack surfaces.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Zicong Gao,Chao Zhang,Hangtian Liu,Wenhou Sun,Zhizhuo Tang,Liehui Jiang,Jianjun Chen,Yong Xie

DOI: https://doi.org/10.14722/ndss.2024.24346

2024-01-01

Abstract:IoT devices are often found vulnerable, i.e., untrusted inputs may trigger potential vulnerabilities and flow to sensitive operations in the firmware, which could cause severe damage.As such vulnerabilities are in general taint-style, a promising solution to find them is static taint analysis.However, existing solutions have limited efficiency and effectiveness.In this paper, we propose a new efficient and effective taint analysis solution, namely HermeScan, to discover such vulnerabilities, which utilizes reaching definition analysis (RDA) to conduct taint analysis and gets much fewer false negatives, false positives, and time costs.We have implemented a prototype of HermeScan and conducted a thorough evaluation on two datasets, i.e., one 0-day dataset with 30 latest firmware and one N-day dataset with 98 older firmware, and compared with two state-of-theart (SOTA) solutions, i.e., KARONTE and SaTC.In terms of effectiveness, HermeScan, SaTC, and KARONTE find 163, 32, and 0 vulnerabilities in the 0-day dataset respectively.In terms of accuracy, the true positive rates of HermeScan, SaTC, and KARONTE are 81%, 42%, and 0% in the 0-day dataset.In terms of efficiency, HermeScan is 7.5X and 3.8X faster than SaTC and KARONTE on average in finding 0-day vulnerabilities.

XU Feng,LIU Ying,HUANG Hao,WANG Zhi-Jian

2006-01-01

Abstract:Component is designed for reuse and composition, but the problems concerning compositional mismatches often happen in the process of component composition. Analyzing from an architectural point of view, sticking points of the problems can be found. Based on the research of the software architecture and the component composition technology,the component composition technology based on software architecture connector was put forward, and an example was introduced.

Chi Zhang,Yu Wang,Linzhang Wang

DOI: https://doi.org/10.1145/3457913.3457934

2021-01-01

Abstract:Background: Firmware is the enable software of Internet of Things (IoT) devices, and its software vulnerabilities are one of the primary reason of IoT devices being exploited. Due to the limited resources of IoT devices, it is impractical to deploy sophisticated run-time protection techniques. Under an insecure network environment, when a firmware is exploited, it may lead to denial of service, information disclosure, elevation of privilege, or even life-threatening. Therefore, firmware vulnerability detection by fuzzing has become the key to ensure the security of IoT devices, and has also become a hot topic in academic and industrial research. With the rapid growth of the existing IoT devices, the size and complexity of firmware, the variety of firmware types, and the firmware defects, existing IoT firmware fuzzing methods face challenges. Objective: This paper summarizes the typical types of IoT firmware fuzzing methods, analyzes the contribution of these works, and summarizes the shortcomings of existing fuzzing methods. Method: We design several research questions, extract keywords from the research questions, then use the keywords to search for related literature. Result: We divide the existing firmware fuzzing work into real-device-based fuzzing and simulation-based fuzzing according to the firmware execution environment, and simulation-based fuzzing is the mainstream in the future; we found that the main types of vulnerabilities targeted by existing fuzzing methods are memory corruption vulnerabilities; firmware fuzzing faces more difficulties than ordinary software fuzzing. Conclusion: Through the analysis of the advantages and disadvantages of different methods, this review provides guidance for further improving the performance of fuzzing techniques, and proposes several recommendations from the findings of this review.

Yisen Wang,Ruimin Wang,Jing,Huanwei Wang

DOI: https://doi.org/10.1371/journal.pone.0245098

IF: 3.7

2021-01-01

PLoS ONE

Abstract:The rapid expansion of the open-source community has shortened the software development cycle, but the spread of vulnerabilities has been accelerated, especially in the field of the Internet of Things. In recent years, the frequency of attacks against connected devices is increasing exponentially; thus, the vulnerabilities are more serious in nature. The state-of-the-art firmware security inspection technologies, such as methods based on machine learning and graph theory, find similar applications depending on the known vulnerabilities but cannot do anything without detailed information about the vulnerabilities. Moreover, model training, which is necessary for the machine learning technologies, requires a significant amount of time and data, resulting in low efficiency and poor extensibility. Aiming at the above shortcomings, a high-efficiency similarity analysis approach for firmware code is proposed in this study. First, the function control flow features and data flow features are extracted from the functions of the firmware and of the vulnerabilities, and the features are used to calculate the SimHash of the functions. The mass storage and fast query capabilities of the SimHash are implemented by the pigeonhole principle. Second, the similarity function pairs are analyzed in detail within and among the basic blocks. Within the basic blocks, the symbolic execution is used to generate the basic block semantic information, and the constraint solver is used to determine the semantic equivalence. Among the basic blocks, the local control flow graphs are analyzed to obtain their similarity. Then, we implemented a prototype and present the evaluation. The evaluation results demonstrate that the proposed approach can implement large-scale firmware function similarity analysis. It can also get the location of the real-world firmware patch without vulnerability function information. Finally, we compare our method with existing methods. The comparison results demonstrate that our method is more efficient and accurate than the Gemini and StagedMethod. More than 90% of the firmware functions can be indexed within 0.1 s, while the search time of 100,000 firmware functions is less than 2 s.

Shigang Liu,Mahdi Dibaei,Yonghang Tai,Chao Chen,Jun Zhang,Yang Xiang

DOI: https://doi.org/10.1109/tii.2019.2942800

IF: 12.3

2020-01-01

IEEE Transactions on Industrial Informatics

Abstract:Internet of Things (IoT) integrates a variety of software (e.g., autonomous vehicles and military systems) in order to enable the advanced and intelligent services. These software increase the potential of cyber-attacks because an adversary can launch an attack using system vulnerabilities. Existing software vulnerability analysis methods used to be relying on human experts crafted features, which usually miss many vulnerabilities. It is important to develop an automatic vulnerability analysis system to improve the countermeasures. However, source code is not always available (e.g., most IoT related industry software are closed source). Therefore, vulnerability detection on binary code is a demanding task. This article addresses the automatic binary-level software vulnerability detection problem by proposing a deep learning-based approach. The proposed approach consists of two phases: binary function extraction, and model building. First, we extract binary functions from the cleaned binary instructions obtained by using IDA Pro. Then, we employ the attention mechanism on top of a bidirectional long short-term memory for building the predictive model. To show the effectiveness of the proposed approach, we have collected datasets from several different sources. We have compared our proposed approach with a series of baselines including source code-based techniques and binary code-based techniques. We have also applied the proposed approach to real-world IoT related software such as VLC media player and LibTIFF project that used on Autonomous Vehicles. Experimental results show that our proposed approach betters the baselines and is able to detect more vulnerabilities.

Zhicheng Zhu,Kun Lan,Zhihong Rao,Yuguang Zhang

DOI: https://doi.org/10.1088/1742-6596/1732/1/012051

2021-01-01

Journal of Physics: Conference Series

Abstract:Abstract With the development of IoT technology, the number of attacks against IoT software chain vulnerabilities is greater than ever, and a reasonable vulnerability assessment system needs to be established for research. The Common Vulnerability Scoring System (CVSS) is a free, public risk assessment system used by information security vendors to assess the severity of vulnerability threats. However, CVSS is insufficient because of the strong subjectivity in the selection of measurement standards and the allocation of evaluation index weights. Based on this reason, this paper designs and proposes a more objective risk assessment method for IoT software chain vulnerabilities, and verifies the feasibility and effectiveness of the method through experiments.

English Else

Shan Tang,Xin Peng,Yiming Lau,Wenyun Zhao,Zhixiong Jiang

DOI: https://doi.org/10.1109/compsac.2008.13

2008-01-01

Abstract:Commercial-off-the-shelf components (COTS) are widely reused at present and black-box composition is the unique way to integrate them into the target system. However, various mismatches among components often hamper the integration of COTS. While the existing approaches to modeling software systems often neglect the issue of COTS component-mismatch detection and elimination. Aiming at solving this problem, this paper proposes an adaptive software architecture model. Based on this model, we first analyze and conclude the mismatches among heterogeneous components, and then we propose the corresponding solutions to eliminate these mismatches and provide a seamless integration for COTS components. At the same time, we employ an example of Web-based application system to illustrate the efficiency of our approach.

Bo Zhou,Keting Yin,Shuai Zhang,Honghong Jiang,Aleksander J. Kavs

DOI: https://doi.org/10.6138/jit.2011.12.1.06

2011-01-01

Abstract:Reliability is one of the most important quality dimensions for web services. Current reliability models for composite web service assume the statistical independence of its component web services, which is often not the case. In this paper, we research on the reliability correlation of component web services by identifying common-cause failures (CCF) and propose a tree-based reliability model for composite web service. We also present the method to estimate overall reliability of composite web service based on our reliability model. Evaluation shows that our method can improve the accuracy of reliability estimation for composite web service and is particularly valuable when designing fault-tolerant service-based system. Based on the proposed reliability model, we propose a QoS-aware service selection process that is CCF-aware. Thus to ensure the selected web services for the composition to meet the reliability requirement.

Xinbo Ban,Ming Ding,Shigang Liu,Chao Chen,Jun Zhang

DOI: https://doi.org/10.1007/978-3-031-23020-2_15

2022-01-01

Abstract:The introduction of the Internet of Things (IoT) ecosystem into public and private sectors has markedly changed the way people live, work, and entertain through integrating the digital system with the physical world. However, the production of new scenarios and architectures in IoT ecosystems introduces previously unknown security threats due to the vulnerabilities in the IoT software. Since various vulnerabilities lead to unexpected consequences in different parts of the IoT ecosystem, we propose 'security domain' to categorize the origin of the threats properly, including 'physical device', 'operation rule', and 'communication'. The research community has conducted a significant amount of work in the area of vulnerability discovery by utilizing 'code intelligence', representing code analysis techniques based on different types of code. With the focus on the security domains, we review recent representative work published in the dominant time to investigate the emerging research. Also, we summarize the research methodology commonly adopted in this fast-growing area. In consonance with the phases of the research methodology, each paper that discovers IoT vulnerabilities is comprehensively studied. Challenges and future work in this area have been discussed as well.

Junjie Zhao,Bingfeng Xu,Xinkai Chen,Bo Wang,Gaofeng He

DOI: https://doi.org/10.1109/cbd58033.2022.00055

2022-01-01

Abstract:To solve the problem of an excessive number of component vulnerabilities and limited defense resources in industrial cyber physical systems, a method for analyzing security critical components of system is proposed. Firstly, the components and vulnerability information in the system are modeled based on SysML block definition diagram. Secondly, as SysML block definition diagram is challenging to support direct analysis, a block security dependency graph model is proposed. On this basis, the transformation rules from SysML block definition graph to block security dependency graph are established according to the structure of block definition graph and its vulnerability information. Then, the calculation method of component security importance is proposed, and a security critical component analysis tool is designed and implemented. Finally, an example of a Drone system is given to illustrate the effectiveness of the proposed method. The application of this method can provide theoretical and technical support for selecting key defense components in the industrial cyber physical system.