Automatic Identification and Cracking Method for Vulnerable Hash Functions of Embedded Firmwares

doi:10.13190/j.jbupt.2019-085

Journal of Beijing University of Posts and Telecommunications ›› 2020, Vol. 43 ›› Issue (1): 46-53.doi: 10.13190/j.jbupt.2019-085

• Papers • Previous Articles Next Articles

Automatic Identification and Cracking Method for Vulnerable Hash Functions of Embedded Firmwares

ZHANG Guo-dong^1,2, YING Huan³, YANG Shou-guo^1,2, SHI Zhi-qiang^1,2, LI Ji-yuan⁴

1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;
2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China;
3. China Electric Power Research Institute, Beijing 100192, China;
4. State Grid Zhejiang Electric Power Research Institute, Hangzhou 310014, China

Received:2019-05-21 Online:2020-02-28 Published:2020-03-27
Supported by:

Abstract

Abstract: There exist some problems for the existing firmware vulnerable Hash functions mining technology, for the reason that the identification error rate is high, the positioning is not accurate, the cracking is difficult and so on. To solve these problems, a method that uses vulnerable Hash functions identification and positioning technique based on machine learning model and a structured matching method is proposed. Meantime, constraint solution of Z3 satisfiability modulo theories (Z3 SMT) based on VEX intermediate representation (VEX IR) and symbol execution techniques for an automatic identification and cracking method or vulnerable Hash functions of embedded firmwares are proposed. A complete automated analysis process is constructed for the vulnerable Hash functions in the firmware binaries from being identified and positioned to being cracked. Experiments show that the method can identify and position the vulnerable Hash functions in the binary files which compiled by multiple architectures and compiler optimization options with the accuracy rate as high as 98%, vulnerable Hash functions with a structure similar to the BKDRHash Hash function structure can be accurately positioned and quickly cracked out of many collision values.

Key words: embedded device firmware, feature extraction, machine learning, identification and cracking of vulnerable Hash functions, constraint solution

CLC Number:

TP309.1

ZHANG Guo-dong, YING Huan, YANG Shou-guo, SHI Zhi-qiang, LI Ji-yuan. Automatic Identification and Cracking Method for Vulnerable Hash Functions of Embedded Firmwares[J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(1): 46-53.

[1]	CHANG Xiao, HUANG Zhibin, YU Min, YANG Wubing. A Deep Decision Tree Model for Aerospace Big Data [J]. Journal of Beijing University of Posts and Telecommunications, 2023, 46(3): 1-6.
[2]	SONG Yubo, GAO Jiazhen. Improved YOLOv3 Algorithm for Multi-Target Detection of Traffic [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(5): 103-108.
[3]	ZHANG Xiaoqian, TAN Zhen, WANG Xiao, LIANG Qin, WAN Liming. Image Feature Extraction Algorithm Based on Orthogonal Projection Learning [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(5): 85-90,128.
[4]	OUYANG Mowei, KANG Guixia, WANG Kailiang, WANG Yaming. Automated Hippocampal Sclerosis Detection Method with Radiomics Analysis [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(4): 51-57.
[5]	ZHAO Haiying, ZHU Hui, HOU Xiaogang. Traditional Custume Image Semantic Segmentation Based on Improved EMA Unit [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(1): 69-74.
[6]	MU Xiao-hui, LI Li-xiang. Network Traffic Prediction of Dropout Echo State Network [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(5): 10-13,20.
[7]	TANG Yong-li, LI Xing-yu, ZHAO Zong-qu, LI Yun-feng. Detection Method for Android Payment Cracked Application [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(4): 95-101.
[8]	PENG Yu-he, CHEN Xiang, CHEN Shuang-wu, YANG Jian. Cross-Domain Abnormal Traffic Detection Based on Transfer Learning [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(2): 33-39.
[9]	Lü Xing-feng, LI Jin-bao. A Method of Detecting Sleep Apnea Using Random Forest [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(5): 64-70.
[10]	ZHANG De-gan, CHEN Lu, CHEN Chen, ZHANG Ting, CUI Yu-ya. A New Algorithm of QoS Constrained Routing for Node Energy Optimization of Edge Computing [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(4): 101-105.
[11]	ZHOU Yi-lin, YANG Lu, LU Wen-rui. Exploring the Life Modeling Methods for Electrochemical Migration Failure of Printed Circuit Board under Dust Particles [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(3): 11-18,31.
[12]	QIU Jing-ming, QU Hua, ZHAO Ji-hong. A Robust Network Traffic Classification and New Type Discovery Algorithm [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(2): 40-45.
[13]	LIU Pai, SUN Yan, REN Wei. An ANTLR-Based Feature Extraction and Detection System for Scratch3.0 [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2019, 42(6): 70-75.
[14]	YU Kai-xiang, CHEN Zhen-hao, ZHANG Si-hai. A Key Variable Detection Algorithm in Multivariate Manufacturing Process [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2019, 42(6): 98-104.
[15]	MENG Hao, HUO Ru, GUO Qian-ying, HUANG Tao, LIU Yun-jie. Machine Learning-Based Stochastic Task Offloading Algorithm in Mobile-Edge Computing [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2019, 42(2): 25-30.

Automatic Identification and Cracking Method for Vulnerable Hash Functions of Embedded Firmwares

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments