Overview
Explore the critical issue of multi-binary vulnerabilities in embedded firmware through this 33-minute Black Hat conference talk. Delve into the challenges posed by low-power, single-purpose embedded devices like routers and IoT devices, and their potential threat to Internet infrastructure. Examine common vulnerabilities, protection mechanisms, and the limitations of dynamic analysis in firmware security. Gain insights into static analysis techniques, focusing on the complexities of multi-binary firmware and binary architecture. Learn about the Canon Architecture, firmware packing, and the concept of Border Binary. Understand the importance of parsing scores, binary dependency graphs, and semantic CPF in vulnerability detection. Discover methods for identifying insecure interactions and analyzing data within firmware. Review evaluation results and access the GitHub repository for further exploration. Enhance your knowledge of embedded firmware security and its implications for the broader Internet ecosystem.
Syllabus
Introduction
Why should we analyze firmware
Common vulnerabilities
Protection mechanisms
Firmware challenges
Dynamic analysis
Dynamic analysis limitations
Static analysis
Firmware is mostly multibinary
Binary architecture
Example
Research Background
Canon Architecture
Firmware Packing
Border Binary
Parsing Score
Binary Dependency Graph
Semantic CPF
The Problem
Insecure Interaction Detection
Data Analysis
Intention
Team dependencies
Evaluation
Experiments
Evaluation Results
Evaluation Results Summary
GitHub
Conclusion
Taught by
Black Hat