Avatar: A Framework to Support Dynamic Security Analysis of Embedded Systems’ Firmwares

Zaddach, Jonas; Bruno, Luca; Francillon, Aurélien; Balzarotti, Davide

doi:10.14722/ndss.2014.23229

Cited by 232 publications

(158 citation statements)

References 35 publications

(24 reference statements)

Supporting

Mentioning

158

Contrasting

Order By: Relevance

“…Since many embedded devices require their firmware to be signed by the device manufacturer, loading custom analysis code (such as that required by Avatar [33]) would require bypassing this protection. Even if this limitation could be bypassed, the disparity between different devices would necessitate a significant implementation effort to analyze each new device, limiting the possible scale of such a system's analysis.…”

Section: Discussionmentioning

confidence: 99%

“…Among existing research on firmware analysis, the current systems either require access to the source code [12] (which in the case of embedded systems is rarely available), or to the physical device [26], [33].…”

Section: Related Workmentioning

confidence: 99%

“…Avatar [33] is a framework supporting dynamic analysis of firmware in embedded systems. It is a hybrid approach, involving both the target physical device as well as an emulator based on the selective symbolic execution engine S2E [9].…”

Section: Related Workmentioning

confidence: 99%

“…These include memory corruption flaws, command injection vulnerabilities, and application logic flaws. Memory corruption vulnerabilities in firmware have received some attention [12], [33], while other vulnerabilities have, as of yet, been relatively unexplored in the context of firmware.…”

Section: Introductionmentioning

confidence: 99%

“…Systems that are based on the instrumentation and execution monitoring of firmware on a real device [26], [33] would not be able to operate in this space, because they require access to and modification of the device in order to run custom software. In turn, this is made difficult by the closed nature (including the aforementioned cryptographic verification of firmware images) and the hardware disparity (any sort of on-device instrumentation would represent a perdevice development effort) of embedded devices.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware

Shoshitaishvili

Wang

Hauser

et al. 2015

Proceedings 2015 Network and Distributed System Security Symposium

261

133

View full text Add to dashboard Cite

Abstract-Embedded devices have become ubiquitous, and they are used in a range of privacy-sensitive and security-critical applications. Most of these devices run proprietary software, and little documentation is available about the software's inner workings. In some cases, the cost of the hardware and protection mechanisms might make access to the devices themselves infeasible. Analyzing the software that is present in such environments is challenging, but necessary, if the risks associated with software bugs and vulnerabilities must be avoided. As a matter of fact, recent studies revealed the presence of backdoors in a number of embedded devices available on the market. In this paper, we present Firmalice, a binary analysis framework to support the analysis of firmware running on embedded devices. Firmalice builds on top of a symbolic execution engine, and techniques, such as program slicing, to increase its scalability. Furthermore, Firmalice utilizes a novel model of authentication bypass flaws, based on the attacker's ability to determine the required inputs to perform privileged operations. We evaluated Firmalice on the firmware of three commercially-available devices, and were able to detect authentication bypass backdoors in two of them. Additionally, Firmalice was able to determine that the backdoor in the third firmware sample was not exploitable by an attacker without knowledge of a set of unprivileged credentials.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware

Shoshitaishvili

Wang

Hauser

et al. 2015

Proceedings 2015 Network and Distributed System Security Symposium

261

133

View full text Add to dashboard Cite

show abstract

Privacy issues of android application permissions: A literature review

Shrivastava

Kumar

Gupta

et al. 2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Android is an application platform for mobile devices. It comprises of the operating system, software framework, and core programs. This platform uses permissions to hide precious information about the user from untrusted apps. However, to install an application, device feature uses permissions that are granted by the user. User has the ability to analyze permissions and abort the setup if the permissions are unfriendly or unrestrained. Android permission analysis schemes show a significant role to fight against these undesirable behaviors of untrusted android apps in the aspect of security and privacy. This survey attempts to deal with the android application permissions that are related security and privacy challenges. It includes various research articles published in computers and security, digital investigation, decision support systems, systems and software security, and information forensics journals in the last 10 years. The survey is based on the following considerations: research issues motivated by the scheme, the methodology used, ability of result analysis conducted, and android features considered for performance evaluation.

show abstract