Identifying Multi-Binary Vulnerabilities in Embedded Firmware at Scale

Explore the critical issue of multi-binary vulnerabilities in embedded firmware through this 33-minute Black Hat conference talk. Delve into the challenges posed by low-power, single-purpose embedded devices like routers and IoT devices, and their potential threat to Internet infrastructure. Examine common vulnerabilities, protection mechanisms, and the limitations of dynamic analysis in firmware security. Gain insights into static analysis techniques, focusing on the complexities of multi-binary firmware and binary architecture. Learn about the Canon Architecture, firmware packing, and the concept of Border Binary. Understand the importance of parsing scores, binary dependency graphs, and semantic CPF in vulnerability detection. Discover methods for identifying insecure interactions and analyzing data within firmware. Review evaluation results and access the GitHub repository for further exploration. Enhance your knowledge of embedded firmware security and its implications for the broader Internet ecosystem.