Abstract
To simplify the binary security analysis workflow for existing Unified Extensible Firmware Interface Driver Execution Environment (UEFI DXE) drivers, this paper proposes a UEFI DXE driver emulation technique based on dependency analysis and call hijacking, together with a gray-box fuzzing method based on call guidance and on-the-fly detection. Experimental results show that the proposed method detects every category of vulnerability in the public evaluation sample set, and it is further validated on UEFI DXE firmware with publicly disclosed vulnerabilities (CVEs). Compared with existing approaches, the proposed method achieves higher code coverage while requiring fewer prerequisites.
Authors
龙翔
崔宝江
吴佳桐
LONG Xiang; CUI Baojiang; WU Jiatong (School of Cyber Security, Beijing University of Posts and Telecommunications, Beijing 100876, China)
Source
《北京邮电大学学报》
EI
CAS
CSCD
Peking University Core Journals (北大核心)
2023, Issue 1, pp. 121-126 (6 pages)
Journal of Beijing University of Posts and Telecommunications
Funding
Fundamental Research Funds for the Central Universities (2019XD-A19).
Keywords
fuzzing test
unified extensible firmware interface (UEFI) firmware
unified extensible firmware interface driver execution environment (UEFI DXE) driver