Journal of Beijing University of Posts and Telecommunications

  • EI核心期刊

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2017, Vol. 40 ›› Issue (s1): 98-102.doi: 10.13190/j.jbupt.2017.s.022

• Papers • Previous Articles     Next Articles

An Automated Analysis Method for Large-Scale Embedded Device Firmware

WANG Meng-tao1,2, LIU Zhong-jin3, CHANG Qing1,2, CHEN Yu1,2, SHI Zhi-qiang1,2, SUN Li-min1,2   

  1. 1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;
    2. School of Cyber Secwrity, University of Chinese Academy of Sciences, Beijing 100049, China;
    3. National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029, China
  • Received:2016-05-29 Online:2017-09-28 Published:2017-09-28

PDF

292

Abstract: An automated analysis method for large-scale embedded firmware was designed to get device information, such as file system type, operating system type, or CPU instruction set. But it was difficult to know whether it was decoded successfully during automated firmware analysis. To solve this problem, a firmware decoding status detection method was proposed based on classification and regression tree algorithm. The dataset contained 6 160 firmware samples and 1 823 disassembled binary files that were collected from firmware decoding. The experiments conducted on the dataset demonstrated that the proposed method had a considerable performance comparing with other classifiers, whose precision and recall rate are both above 96%.

Key words: embedded device firmware, classification and regression tree, status detection

CLC Number: 

Copyright © 2018 Journal of Beijing University of Posts and Telecommunications 京ICP备14033833号

Adress: BEIJING UNIVERSITY OF POSTS AND TELECOMMUNICATIONS    Post Code: 100876    Tel: (010)62281995    QQ: 307514248    weibo    Message    E-mail: byxb@bupt.edu.cn