Abstract
Taking into account the characteristics of existing embedded device firmware, this paper proposes an improved fuzz testing method based on taint analysis. The method first analyzes the attack surface of the firmware from the standpoint of vulnerability exploitation, then derives corresponding security rules from that attack surface, introduces a risk weight for test cases into the taint analysis results, and finally designs a set of fuzz test cases corresponding to those risk weights. Vulnerability discovery experiments applying this method to mainstream devices successfully uncovered several zero-day vulnerabilities hidden in the device firmware. The experimental results show that the method is reasonably effective and practical.
Combining the characteristics of embedded device firmware, an improved fuzz testing method is proposed. After analyzing the attack surface of the firmware from the standpoint of exploitation, several security rules are derived. By introducing risk weights for test cases into the taint analysis results, a set of fuzz test cases corresponding to the risk weights is designed. The method was used to discover vulnerabilities in popular devices, and many zero-day vulnerabilities were found. Experimental results show that the method is effective and practical.
Source
《四川大学学报(工程科学版)》
EI
CAS
CSCD
Peking University Core Journal
2016, No. 2, pp. 125-131 (7 pages)
Journal of Sichuan University (Engineering Science Edition)
Funding
National Key Basic Research Program of China (2014CB340600)
National High Technology Research and Development Program of China (2015AA016002)
National Natural Science Foundation of China Key Program (61332019)
National Natural Science Foundation of China (61173138, 61272452)
Hubei Province Key New Product and New Process Research and Development Project (2012BAA03004)
Huawei Innovation Research Program (YB2013110084)
Keywords
embedded device
firmware
vulnerability discovery
taint
risk weight