A"Large(Scale"Analysis"of"the" - - PowerPoint PPT Presentation

a large scale analysis of the security of embedded
SMART_READER_LITE
LIVE PREVIEW

A"Large(Scale"Analysis"of"the" - - PowerPoint PPT Presentation

Jun 15, 2023 541 likes •786 views

A"Large(Scale"Analysis"of"the" Security"of"Embedded"Firmwares Presented(by(Zhenyu Ning 1 Contents 1.(Background 2.(Motivation(&(Challenges 3.(Architecture 4.(Analysis(Result(&(Case(study

slide-1
SLIDE 1

A"Large(Scale"Analysis"of"the" Security"of"Embedded"Firmwares

Presented(by(Zhenyu Ning

1

slide-2
SLIDE 2

Contents

1.(Background 2.(Motivation(&(Challenges 3.(Architecture 4.(Analysis(Result(&(Case(study 5.(Conclusion

2

slide-3
SLIDE 3

Contents

3

1.(Background 2.(Motivation(&(Challenges 3.(Architecture 4.(Analysis(Result(&(Case(study 5.(Conclusion

slide-4
SLIDE 4

Firmware

  • IEEE(definition:(Combination(of(a(hardware(device(and(

computer(instructions(or(computer(data(that(reside(as(readJ

  • nly(software(on(the(hard(ware(device.
  • Software(that(is(embedded(in(a(hardware(device.

4

slide-5
SLIDE 5

Contents

1.(Background 2.(Motivation(&(Challenges 3.(Architecture 4.(Analysis(Result(&(Case(study 5.(Conclusion

5

slide-6
SLIDE 6

Motivation

  • Physically(analysis
  • Cost
  • Operability(
  • Online(device(analysis
  • Difficulty(
  • Ethic

6

slide-7
SLIDE 7

Challenges

  • Building(a(Representative(Dataset
  • Firmware(Identification
  • Unpacking(and(Custom(Formats
  • Scalability(and(Computational(Limits
  • Results(Confirmation

7

slide-8
SLIDE 8

Contents

1.(Background 2.(Motivation(&(Challenges 3.(Architecture 4.(Analysis(Result(&(Case(study 5.(Conclusion

8

slide-9
SLIDE 9

Architecture

9

slide-10
SLIDE 10

Firmware"Acquisition"and"Storage

  • Web(crawler(
  • FTP(Index(Engine(
  • GCSE(
  • Web(submission(interface(

10

slide-11
SLIDE 11

Unpacking"and"Analysis

  • Unpacking(
  • binwalk,(FRAK,(BAT(

(

  • BAT
  • low(false(positive((
  • recursive(unpacking
  • generic(interface(

11

slide-12
SLIDE 12

Unpacking"and"Analysis"(Cont.)

  • Password(Hash(Cracking(
  • John(The(Ripper
  • A(Dictionary(built(from(common(password(lists(and(resources.
  • Parallelizing(the(Unpacking(and(Analysis

12

slide-13
SLIDE 13

Correlation"Engine

  • Comparison(
  • Shared(Credentials(and(SelfJSigned(Certificates(
  • Keywords
  • Fuzzy(hashes
  • Future(work(
  • Distributed(comparison(and(clustering(infrastructure(
  • “bins”(partitioning(approach

13

slide-14
SLIDE 14

Data"Enrichment

  • Automated(queries(
  • <title>(tag(of(web(pages(
  • authentication(realms(of(web(servers(
  • Passive(scans
  • (SSL(certificates(
  • (ZMap

14

slide-15
SLIDE 15

Contents

1.(Background 2.(Motivation(&(Challenges 3.(Architecture 4.(Analysis(Result(&(Case(study 5.(Conclusion

15

slide-16
SLIDE 16

General"Dataset"Statistics

  • 172,751(files(out(of(759,273(files(collected(by(crawler.
  • 32,356(firmware(images(out(of(172,751(files.
  • 26,275(images(successfully(unpacked(

16

slide-17
SLIDE 17

Files"Formats

17

slide-18
SLIDE 18

Results"Overview

  • Password(Hashes(Statistics
  • Certificates(and(Private(RSA(Keys(Statistics
  • Packaging(Outdated(and(Vulnerable(Software
  • Building(Images(as(root
  • Web(Servers(Configuration

18

slide-19
SLIDE 19

Case"study

  • Backdoors
  • Plain(text(search
  • Private(SSL(Key
  • Common(vulnerable(components
  • XSS(in(WiFi Enabled(SD(Cards
  • Manually(vulnerability(confirmation

19

slide-20
SLIDE 20

Contents

1.(Background 2.(Motivation(&(Challenges 3.(Architecture 4.(Analysis(Result(&(Case(study 5.(Conclusion

20

slide-21
SLIDE 21

Conclusion

  • LargeJscale(static(analysis
  • Beneficial
  • Desirable(
  • Future(work
  • Continue(analysis(on(current(firmware(image
  • Improve(analysis(technique

21

slide-22
SLIDE 22

Reference

  • Costin,(Andrei,(et(al.("A(largeJscale(analysis(of(the(security(of(

embedded(firmwares." USENIX'Security'Symposium.(2014.

22

slide-23
SLIDE 23

Thank(you!

23