• Title/Summary/Keyword: Firmware Emulation

Search Result 5, Processing Time 0.018 seconds

Emulation-Based Fuzzing Techniques for Identifying Web Interface Vulnerabilities in Embedded Device Firmware (임베디드 디바이스 펌웨어의 웹 인터페이스 취약점 식별을 위한 에뮬레이션 기반 퍼징 기법)

  • Heo, Jung-Min;Kim, Ji-Min;Ji, Cheong-Min;Hong, Man-Pyo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.6
    • /
    • pp.1225-1234
    • /
    • 2019
  • The security of the firmware is more important because embedded devices have become popular. Network devices such as routers can be attacked by attackers through web application vulnerabilities in embedded firmware. Therefore, they must be found and removed quickly. The Firmadyne framework proposes a dynamic analysis method to find vulnerabilities after emulating firmware. However, it only performs vulnerability checks according to the analysis methods defined in the tool, thus limiting the scope of vulnerabilities that can be found. In this paper, fuzzing is performed in emulation-based environment through fuzzing, one of the software security test techniques. We also propose a Fabfuzz tool for efficient emulation based fuzzing. Experiments have shown that in addition to the vulnerabilities identified in existing tools, other types of vulnerabilities have been found.

Firmware Fuzzing Method through Pseudo-HAL Identification (유사 HAL 함수 탐색을 통한 펌웨어 퍼징 기법)

  • Jeong, Seyeon;Hwang, Eunbi;Cho, Yeongpil;Kwon, Taekyoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.6
    • /
    • pp.1121-1125
    • /
    • 2022
  • HAL-Fuzz, a fuzzing technique to find firmware vulnerabilities, is efficient by using the HAL function of the hardware abstraction layer provided by MCU vendors. However, it cannot handle most firmware that unused the exact HAL function. In this paper, we propose a new method for identifying pseudo-HAL functions to increase the fuzzing availability of HAL-Fuzz. In experiments, we identified not only the HAL but also the pseudo-HAL functions, implemented by the developer, and that fuzzing is possible.

Educational Software Development of Bluetooth Protocol for Protocol Monitoring and Emulation (프로토콜 모니터링 및 에뮬레이션 기능을 제공하는 블루투스 프로토콜의 교육용 소프트웨어)

  • 정중수
    • The Journal of the Korea Contents Association
    • /
    • v.4 no.1
    • /
    • pp.1-7
    • /
    • 2004
  • In addition to wired communication technology, wireless communication technology has been driving communication revolution nowadays. Bluetooth technology carries out data/voice communication making pico-net and the various application services are supported by access network connected to public network. This paper presents educational software development of bluetooth protocol stack including HCI, L2CAP, RFCOMM, SDP and profiles including GAP, SPP, GEOP, FTP. This software which supports programming environment of these protocol monitoring and emulation is implemented basically step by step for education based on H connected to the bluetooth device through RS-232-C, UART or USB cable. Application program coded by Visual C is operated over the firmware loaded on the bluetooth device connected to the PC. Additionally ftp and chatting function are developed to enhance educational efficiency.

  • PDF

Efficient Coverage Guided IoT Firmware Fuzzing Technique Using Combined Emulation (복합 에뮬레이션을 이용한 효율적인 커버리지 가이드 IoT 펌웨어 퍼징 기법)

  • Kim, Hyun-Wook;Kim, Ju-Hwan;Yun, Joobeom
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.5
    • /
    • pp.847-857
    • /
    • 2020
  • As IoT equipment is commercialized, Bluetooth or wireless networks will be built into general living devices such as IP cameras, door locks, cars and TVs. Security for IoT equipment is becoming more important because IoT equipment shares a lot of information through the network and collects personal information and operates the system. In addition, web-based attacks and application attacks currently account for a significant portion of cyber threats, and security experts are analyzing the vulnerabilities of cyber attacks through manual analysis to secure them. However, since it is virtually impossible to analyze vulnerabilities with only manual analysis, researchers studying system security are currently working on automated vulnerability detection systems, and Firm-AFL, published recently in USENIX, proposed a system by conducting a study on fuzzing processing speed and efficiency using a coverage-based fuzzer. However, the existing tools were focused on the fuzzing processing speed of the firmware, and as a result, they did not find any vulnerability in various paths. In this paper, we propose IoTFirmFuzz, which finds more paths, resolves constraints, and discovers more crashes by strengthening the mutation process to find vulnerabilities in various paths not found in existing tools.

Implementation of a Fieldbus System Based on Profibus-DP Protocol (Profibus-DP 프로토콜을 이용한 필드버스 시스템 구현)

  • Bae, Gyu-Sung;Kim, Jong-Bae;Park, Byoung-Wook;Lim, Kye-Young
    • Journal of Institute of Control, Robotics and Systems
    • /
    • v.6 no.10
    • /
    • pp.903-910
    • /
    • 2000
  • In this paper, we describe a slave chip based on the Profibus-DP protocol and a system board to verify the developed slave chip. The Profibus-DP protocol is designed using VHDL and implemented on FPGA. The system board adopting the developed FPGA is designed FPGA is designed in which the firmware is implemented on Intel 8051 by using C language. Among the Profibus-DP protocols, low level layers from the physical layer to the data link layer is implemented in the form of hardware that we are able to greatly reduce the CPU load in processing protocols, and then higher layers could be processed by software. These technologies result in an IP to make terminal devices in the distributed control systems. Therefore, many digital logics as well as communication logics can be implemented onto SOC(System On a Chip) and it could be applied to various fieldbus-related areas.

  • PDF