Top

Published in:

2018 | OriginalPaper | Chapter

Association Analysis of Firmware Based on NoSQL Database

Authors : Gongbo Wang, Weiyu Dong, Rui Chang

Published in: Cloud Computing and Security

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

With the continuous expanding of the Internet of Things, the security of networked embedded devices attracts much attention. Large scale embedded device firmware provides basic data for automated and artificial intelligent analysis method. Thus, an association analysis method for the large scale firmware security is proposed in this paper. Then, a firmware database platform based on the proposed analysis method is developed. First, the platform can complete the mainline of embedded device firmware crawl with its web crawler program. Then, a firmware NoSQL database including the firmware and its information (such as its vendor, product, version, URL, files, etc.) is formed. Last, the firmware analysis method is applied on the database by matching the hashes of the web files and programs in the firmware file system with vulnerability file. The experimental result shows that the proposed method is effective and efficient.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Assessment of Haze Effects in Human Lives: A Case Study of Investigation in Nanjing

next chapter Authentication of Quantum Dialogue Under Noise

Bellard, F.: QEMU, a fast and portable dynamic translator. In: USENIX Annual Technical Conference, FREENIX Track, vol. 41, p. 46 (2005)

Chen, D., Woo, M., Brumley, D., Egele, M.: Towards automated dynamic analysis for Linux-based embedded firmware. In: Network and Distributed System Security Symposium (2016)

Zaddach, J., Bruno, L., Francillon, A., Balzarotti, D.: Avatar: a framework to support dynamic security analysis of embedded systems’ firmwares. In: Network and Distributed System Security Symposium (2015)

Costin, A., Zarras, A., Francillon, A.: Towards automated classification of firmware images and identification of embedded devices. In: De Capitani di Vimercati, S., Martinelli, F. (eds.) SEC 2017. IAICT, vol. 502, pp. 233–247. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-58469-0_16CrossRef

Feng, Q., Zhou, R., Xu C., Cheng, Y., Testa, B., Yin, H.: Scalable graph-based bug search for firmware images. In: ACM SIGSAC Conference on Computer and Communications Security, pp. 480–491. ACM (2016)

Xu, X., Liu, C., Feng, Q., Yin, H., Song, L., Song, D.: Neural network-based graph embedding for cross-platform binary code similarity detection. In: CCS 2017 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 363–376. ACM, New York (2017)

Chodorow, K., Dirolf, M.: MongoDB: the definitive guide: powerful and scalable data storage. DBLP (2010)

Scrapy: A fast and powerful scraping and web crawling framework, 31 November 2016. http://scrapy.org

Zhu, X., Yin, Q., Chang, R.: Structured feature library-based progressive firmware format parsing. J. Wuhan Univ. (2017)

10.

Zhou, Z., Xue, Y., Liu, J., Zhang, W., Li, J.: MDH: a high speed multi-phase dynamic hash string matching algorithm for large-scale pattern set. In: Qing, S., Imai, H., Wang, G. (eds.) ICICS 2007. LNCS, vol. 4861, pp. 201–215. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77048-0_16CrossRef

11.

Hoglund, G.: Fuzzy hash algorithm. US, US 8484152 B2 (2013)

Title: Association Analysis of Firmware Based on NoSQL Database
Authors: Gongbo Wang
Weiyu Dong
Rui Chang
Publisher: Springer International Publishing
Book: Cloud Computing and Security
Print ISBN: 978-3-030-00017-2

Electronic ISBN: 978-3-030-00018-9

Copyright Year: 2018
DOI: https://doi.org/10.1007/978-3-030-00018-9_9

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner