Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Firmware version detection method and vulnerability repair rate evaluation method for Internet of Things devices

An IoT device and firmware version technology, applied in version control, software maintenance/management, etc., can solve the problems of unusable and large-scale online identification of the firmware version number of Internet-connected devices, low detection accuracy, etc., and achieve accurate detection, The effect of efficient firmware version detection

Active Publication Date: 2022-04-12
NAT UNIV OF DEFENSE TECH
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the fingerprint extraction of the web interface in this scheme must rely on the firmware simulation virtualization device, and the existing firmware simulation technology can only successfully simulate about 10% of the firmware, so it cannot be used for large-scale device firmware in the real network In fingerprint recognition, it is impossible to realize large-scale online identification of the firmware version number of networked devices, and the use of simulated devices for testing may not be consistent with the fingerprints of real devices, and its actual detection accuracy is not high

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Firmware version detection method and vulnerability repair rate evaluation method for Internet of Things devices
  • Firmware version detection method and vulnerability repair rate evaluation method for Internet of Things devices
  • Firmware version detection method and vulnerability repair rate evaluation method for Internet of Things devices

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] The present invention will be further described below in conjunction with the accompanying drawings and specific preferred embodiments, but the protection scope of the present invention is not limited thereby.

[0045] Such as figure 1 , 2 As shown, the steps of the method for detecting the firmware version of the Internet of Things device in this embodiment include:

[0046] S1. Firmware image file library construction: respectively obtain firmware image files corresponding to various firmware versions of different device models and store them in the database to obtain a firmware image file library;

[0047] S2.Web root directory positioning: extract the file system therein after decompressing each firmware image file in the firmware image file library respectively, and determine the Web root directory of each file system;

[0048] S3. Firmware version feature library construction: traverse and search the web root directory to find all web static resources, extract t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a firmware version detection method and a loophole repair rate evaluation method of an Internet of Things device. The detection method includes: S1. Obtaining a firmware image file; S2. Extracting the file system after decompressing each firmware image file, and determining each file The Web root directory of the system; S3. Search for Web static resources, extract the feature values ​​of each Web static resource in various firmware versions under each device model, and build a corresponding firmware version feature table; S4. Obtain the required device type The IP address list and the firmware version feature table are scanned for fingerprints, the corresponding fingerprints are extracted, and the firmware version number of the device is identified; the evaluation method includes obtaining the model version information of the target vulnerability, and calculating the repair of the target vulnerability based on the results of the above detection method Rate. The invention has the advantages of simple implementation method, high detection accuracy and efficiency, and can realize the evaluation of the repair rate of the leak without triggering the leak.

Description

technical field [0001] The present invention relates to the technical field of Internet of Things devices, in particular to a method for detecting firmware versions of Internet of Things devices and a method for evaluating vulnerability repair rates. Background technique [0002] With the development of the Internet of Things, the number of Internet-connected devices has grown rapidly, with various types and manufacturers. Due to the loopholes in the devices, various security issues have also occurred frequently. Since networked devices are generally unattended, even if vulnerabilities are found, they cannot be repaired in time. Therefore, it is of great significance to evaluate the repair rate of known vulnerabilities in networked devices. If there is no version detection, the current traditional method is to use the vulnerability trigger code to write a scanning program, and use the vulnerability attack test to judge its repair status. However, it is illegal to conduct an ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F8/71
CPCG06F8/71
Inventor 解炜蒋轶焜唐勇陈曙晖喻波杨强周旭
Owner NAT UNIV OF DEFENSE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com