Towards Automated Dynamic Analysis for Linux-based Embedded Firmware

Speaker/Bio

Matthias Buchler is a PostDoc in the group of Prof. Manuel Egele. He received his Ph.D from Technical University Munich and his MSc. ETH CS from the Swiss Federal Institute of Technology (ETH) in Zurich. He is currently doing research in the area of security of embedded devices and mobile applications.

Abstract

We use commercial-off-the-shelf (COTS) devices like home routers, IP cameras, or even thermostats on a daily basis. Such devices are often operated by vendor firmwares that are rarely updated, if ever. Since especially home routers are the first and only line of defense of home networks, Chen et al. [1] present FIRMADYNE, an automated and scalable dynamic analysis system for linux-based firmwares. It relies on a software-based full system emulation that allows the analysis of thousands of firmware binaries. FIRMADYNE was evaluated on 23,035 different firmware images from 42 device vendors. The authors discovered 887 vulnerable firmware images, including 14 previously-unknown vulnerabilities.

References

• D. D. Chen, M. Woo, D. Brumley, and M. Egele. Towards automated dynamic analysis for linux-based embedded firmware. In 23nd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, February 21-24, 2016.