Internet of things (IoT) devices make up 30%of all network-connected endpoints,introducing vulnerabilities and novel attacks that make many companies as primary targets for cybercriminals.To address this increasing th...Internet of things (IoT) devices make up 30%of all network-connected endpoints,introducing vulnerabilities and novel attacks that make many companies as primary targets for cybercriminals.To address this increasing threat surface,every organization deploying IoT devices needs to consider security risks to ensure those devices are secure and trusted.Among all the solutions for security risks,firmware security analysis is essential to fix software bugs,patch vulnerabilities,or add new security features to protect users of those vulnerable devices.However,firmware security analysis has never been an easy job due to the diversity of the execution environment and the close source of firmware.These two distinct features complicate the operations to unpack firmware samples for detailed analysis.They also make it difficult to create visual environments to emulate the running of device firmware.Although researchers have developed many novel methods to overcome various challenges in the past decade,critical barriers impede firmware security analysis in practice.Therefore,this survey is motivated to systematically review and analyze the research challenges and their solutions,considering both breadth and depth.Specifically,based on the analysis perspectives,various methods that perform security analysis on IoT devices are introduced and classified into four categories.The challenges in each category are discussed in detail,and potential solutions are proposed subsequently.We then discuss the flaws of these solutions and provide future directions for this research field.This survey can be utilized by a broad range of readers,including software developers,cyber security researchers,and software security engineers,to better understand firmware security analysis.展开更多
Internet of things(IoT)devices are being increasingly used in numerous areas.However,the low priority on security and various IoT types have made these devices vulnerable to attacks.To prevent this,recent studies have...Internet of things(IoT)devices are being increasingly used in numerous areas.However,the low priority on security and various IoT types have made these devices vulnerable to attacks.To prevent this,recent studies have analyzed firmware in an emulation environment that does not require actual devices and is efficient for repeated experiments.However,these studies focused only on major firmware architectures and rarely considered exotic firmware.In addition,because of the diversity of firmware,the emulation success rate is not high in terms of large-scale analyses.In this study,we propose the adaptive emulation framework for multi-architecture(AEMA).In the field of automated emulation frameworks for IoT firmware testing,AEMA considers the following issues:(1)limited compatibility for exotic firmware architectures,(2)emulation instability when configuring an automated environment,and(3)shallow testing range resulting from structured inputs.To tackle these problems,AEMAcan emulate not onlymajor firmware architectures but also exotic firmware architectures not previously considered,such as Xtensa,ColdFire,and reduced instruction set computer(RISC)version five,by implementing a minority emulator.Moreover,we applied the emulation arbitration technique and input keyword extraction technique for emulation stability and efficient test case generation.We compared AEMA with other existing frameworks in terms of emulation success rates and fuzz testing.As a result,AEMA succeeded in emulating 864 out of 1,083 overall experimental firmware and detected vulnerabilities at least twice as fast as the experimental group.Furthermore,AEMAfound a 0-day vulnerability in realworld IoT devices within 24 h.展开更多
In this article,novel emulation strategies for the sectored multiple probe anechoic chamber(SMPAC)are proposed to enable the reliable evaluation of the massive multiple-input multiple-output(MIMO)device operating at b...In this article,novel emulation strategies for the sectored multiple probe anechoic chamber(SMPAC)are proposed to enable the reliable evaluation of the massive multiple-input multiple-output(MIMO)device operating at beamforming mode,which requires a realistic non-stationary channel environment.For the dynamic propagation emulation,an efficient closed-form probe weighting strategy minimizing the power angular spectrum(PAS)emulation errors is derived,substantially reducing the associated computational complexity.On the other hand,a novel probe selection algorithm is proposed to reproduce a more accurate fading environment.Various standard channel models and setup configurations are comprehensively simulated to validate the capacity of the proposed methods.The simulation results show that more competent active probes are selected with the proposed method compared to the conventional algorithms.Furthermore,the derived closedform probe weighting strategy offers identical accuracy to that obtained with complicated numerical optimization.Moreover,a realistic dynamic channel measured in an indoor environment is reconstructed with the developed methodologies,and 95.6%PAS similarity can be achieved with 6 active probes.The satisfactory results demonstrate that the proposed algorithms are suitable for arbitrary channel emulation.展开更多
Software-defined networking(SDN)is widely used in multiple types of data center networks,and these distributed data center networks can be integrated into a multi-domain SDN by utilizing multiple controllers.However,t...Software-defined networking(SDN)is widely used in multiple types of data center networks,and these distributed data center networks can be integrated into a multi-domain SDN by utilizing multiple controllers.However,the network topology of each control domain of SDN will affect the performance of the multidomain network,so performance evaluation is required before the deployment of the multi-domain SDN.Besides,there is a high cost to build real multi-domain SDN networks with different topologies,so it is necessary to use simulation testing methods to evaluate the topological performance of the multi-domain SDN network.As there is a lack of existing methods to construct a multi-domain SDN simulation network for the tool to evaluate the topological performance automatically,this paper proposes an automated multi-domain SDN topology performance evaluation framework,which supports multiple types of SDN network topologies in cooperating to construct a multi-domain SDN network.The framework integrates existing single-domain SDN simulation tools with network performance testing tools to realize automated performance evaluation of multidomain SDN network topologies.We designed and implemented a Mininet-based simulation tool that can connect multiple controllers and run user-specified topologies in multiple SDN control domains to build and test multi-domain SDN networks faster.Then,we used the tool to perform performance tests on various data center network topologies in single-domain and multi-domain SDN simulation environments.Test results show that Space Shuffle has the most stable performance in a single-domain environment,and Fat-tree has the best performance in a multi-domain environment.Also,this tool has the characteristics of simplicity and stability,which can meet the needs of multi-domain SDN topology performance evaluation.展开更多
eMule是建立在点对点(peer to peer)技术上,以eDonkey协议为基础的文件共享软件。eMule的集中程度是混合性的,并非是完全无中心服务器。文章从协议的角度论述了eMule是如何实现文件共享,分析了客户端到服务器端、客户端到客户端之间的TC...eMule是建立在点对点(peer to peer)技术上,以eDonkey协议为基础的文件共享软件。eMule的集中程度是混合性的,并非是完全无中心服务器。文章从协议的角度论述了eMule是如何实现文件共享,分析了客户端到服务器端、客户端到客户端之间的TCP通讯、UDP通讯的原理及相关的信息序列图。展开更多
A dynamic marine propeller simulation system was developed, which is utilized for meeting the experimental requirement of theory research and engineering design of marine electric propulsion system. By applying an act...A dynamic marine propeller simulation system was developed, which is utilized for meeting the experimental requirement of theory research and engineering design of marine electric propulsion system. By applying an actual ship parameter and its accurate propeller J' -KT' and J' - Kp' curve data, functional experiments based on the simulation system were carried out. The experiment results showed that the system can correctly emulate the propeller characteristics, produce the dynamic and steady performances of the propeller under different navigation modes, and present actual load torque for electric propulsion motor.展开更多
文摘Internet of things (IoT) devices make up 30%of all network-connected endpoints,introducing vulnerabilities and novel attacks that make many companies as primary targets for cybercriminals.To address this increasing threat surface,every organization deploying IoT devices needs to consider security risks to ensure those devices are secure and trusted.Among all the solutions for security risks,firmware security analysis is essential to fix software bugs,patch vulnerabilities,or add new security features to protect users of those vulnerable devices.However,firmware security analysis has never been an easy job due to the diversity of the execution environment and the close source of firmware.These two distinct features complicate the operations to unpack firmware samples for detailed analysis.They also make it difficult to create visual environments to emulate the running of device firmware.Although researchers have developed many novel methods to overcome various challenges in the past decade,critical barriers impede firmware security analysis in practice.Therefore,this survey is motivated to systematically review and analyze the research challenges and their solutions,considering both breadth and depth.Specifically,based on the analysis perspectives,various methods that perform security analysis on IoT devices are introduced and classified into four categories.The challenges in each category are discussed in detail,and potential solutions are proposed subsequently.We then discuss the flaws of these solutions and provide future directions for this research field.This survey can be utilized by a broad range of readers,including software developers,cyber security researchers,and software security engineers,to better understand firmware security analysis.
基金This work was supported by the Ministry of Science and ICT(MSIT)Korea,under the Information Technology Research Center(ITRC)support program(IITP-2022-2018-0-01423)+2 种基金supervised by the Institute for Information&Communications Technology Planning&Evaluation(IITP)by MSIT,Korea under the ITRC support program(IITP-2021-2020-0-01602)supervised by the IITP.
文摘Internet of things(IoT)devices are being increasingly used in numerous areas.However,the low priority on security and various IoT types have made these devices vulnerable to attacks.To prevent this,recent studies have analyzed firmware in an emulation environment that does not require actual devices and is efficient for repeated experiments.However,these studies focused only on major firmware architectures and rarely considered exotic firmware.In addition,because of the diversity of firmware,the emulation success rate is not high in terms of large-scale analyses.In this study,we propose the adaptive emulation framework for multi-architecture(AEMA).In the field of automated emulation frameworks for IoT firmware testing,AEMA considers the following issues:(1)limited compatibility for exotic firmware architectures,(2)emulation instability when configuring an automated environment,and(3)shallow testing range resulting from structured inputs.To tackle these problems,AEMAcan emulate not onlymajor firmware architectures but also exotic firmware architectures not previously considered,such as Xtensa,ColdFire,and reduced instruction set computer(RISC)version five,by implementing a minority emulator.Moreover,we applied the emulation arbitration technique and input keyword extraction technique for emulation stability and efficient test case generation.We compared AEMA with other existing frameworks in terms of emulation success rates and fuzz testing.As a result,AEMA succeeded in emulating 864 out of 1,083 overall experimental firmware and detected vulnerabilities at least twice as fast as the experimental group.Furthermore,AEMAfound a 0-day vulnerability in realworld IoT devices within 24 h.
基金supported by National Natural Science Foundation of China(No.62090015,No.61821001)BUPT Excellent Ph.D.Students Foundation under Grant(CX2021216)。
文摘In this article,novel emulation strategies for the sectored multiple probe anechoic chamber(SMPAC)are proposed to enable the reliable evaluation of the massive multiple-input multiple-output(MIMO)device operating at beamforming mode,which requires a realistic non-stationary channel environment.For the dynamic propagation emulation,an efficient closed-form probe weighting strategy minimizing the power angular spectrum(PAS)emulation errors is derived,substantially reducing the associated computational complexity.On the other hand,a novel probe selection algorithm is proposed to reproduce a more accurate fading environment.Various standard channel models and setup configurations are comprehensively simulated to validate the capacity of the proposed methods.The simulation results show that more competent active probes are selected with the proposed method compared to the conventional algorithms.Furthermore,the derived closedform probe weighting strategy offers identical accuracy to that obtained with complicated numerical optimization.Moreover,a realistic dynamic channel measured in an indoor environment is reconstructed with the developed methodologies,and 95.6%PAS similarity can be achieved with 6 active probes.The satisfactory results demonstrate that the proposed algorithms are suitable for arbitrary channel emulation.
基金This work was supported by the Fundamental Research Funds for the Central Universities(2021RC239)the Postdoctoral Science Foundation of China(2021 M690338)+3 种基金the Hainan Provincial Natural Science Foundation of China(620RC562,2019RC096,620RC560)the Scientific Research Setup Fund of Hainan University(KYQD(ZR)1877)the Program of Hainan Association for Science and Technology Plans to Youth R&D Innovation(QCXM201910)the National Natural Science Foundation of China(61802092,62162021).
文摘Software-defined networking(SDN)is widely used in multiple types of data center networks,and these distributed data center networks can be integrated into a multi-domain SDN by utilizing multiple controllers.However,the network topology of each control domain of SDN will affect the performance of the multidomain network,so performance evaluation is required before the deployment of the multi-domain SDN.Besides,there is a high cost to build real multi-domain SDN networks with different topologies,so it is necessary to use simulation testing methods to evaluate the topological performance of the multi-domain SDN network.As there is a lack of existing methods to construct a multi-domain SDN simulation network for the tool to evaluate the topological performance automatically,this paper proposes an automated multi-domain SDN topology performance evaluation framework,which supports multiple types of SDN network topologies in cooperating to construct a multi-domain SDN network.The framework integrates existing single-domain SDN simulation tools with network performance testing tools to realize automated performance evaluation of multidomain SDN network topologies.We designed and implemented a Mininet-based simulation tool that can connect multiple controllers and run user-specified topologies in multiple SDN control domains to build and test multi-domain SDN networks faster.Then,we used the tool to perform performance tests on various data center network topologies in single-domain and multi-domain SDN simulation environments.Test results show that Space Shuffle has the most stable performance in a single-domain environment,and Fat-tree has the best performance in a multi-domain environment.Also,this tool has the characteristics of simplicity and stability,which can meet the needs of multi-domain SDN topology performance evaluation.
文摘eMule是建立在点对点(peer to peer)技术上,以eDonkey协议为基础的文件共享软件。eMule的集中程度是混合性的,并非是完全无中心服务器。文章从协议的角度论述了eMule是如何实现文件共享,分析了客户端到服务器端、客户端到客户端之间的TCP通讯、UDP通讯的原理及相关的信息序列图。
基金supported by the Fund of Shanghai Committee of Science and Technology(Grant No.11170501700)the International Cooperation and Exchange Projects of the Ministry of Science and Technology(Grant No.2012DFG71850)
文摘A dynamic marine propeller simulation system was developed, which is utilized for meeting the experimental requirement of theory research and engineering design of marine electric propulsion system. By applying an actual ship parameter and its accurate propeller J' -KT' and J' - Kp' curve data, functional experiments based on the simulation system were carried out. The experiment results showed that the system can correctly emulate the propeller characteristics, produce the dynamic and steady performances of the propeller under different navigation modes, and present actual load torque for electric propulsion motor.
