An Inheritance Vulnerability Mining Method for IoT Devices Based on Atomic Control Flow Graph

A technique for IoT devices and control flow graphs, applied in platform integrity maintenance, instrumentation, computing, etc. It addresses the low efficiency of IoT device vulnerability mining and the low matching efficiency of existing approaches, improving the speed and accuracy of analysis and the capability for security vulnerability mining.

Active Publication Date: 2021-02-02
INST OF SOFTWARE - CHINESE ACAD OF SCI

AI Technical Summary

Problems solved by technology

If control flow graph technology is used to mine firmware vulnerabilities, the subgraph isomorphism problem must be solved, and that problem is NP-complete. Current subgraph isomorphism search algorithms are not efficient enough, so vulnerability mining efficiency is very low.
[0004] To solve the problems of low precision when matching entire functions and low efficiency when using subgraph isomorphism on control flow graphs, the present invention proposes a method for mining inheritance vulnerabilities of IoT devices based on the atomic control flow graph. The method can also accurately and quickly compare and retrieve inherited vulnerable code where only code fragments are reused.

Examples

Embodiment Construction

[0038] The present invention is further described below with reference to the accompanying drawings.

[0039] In this embodiment, the overall process of the method for mining inherited vulnerabilities of IoT devices based on the atomic control flow graph is shown in Figure 1. It mainly includes the following steps:

[0040] 1) Build a μCFG generator, which takes as input the source code or assembly code for which the graph is to be built, and outputs the μCFG of that code.

[0041] Specifically, the flow of the μCFG generator is shown in Figure 2.

[0042] 1a) Split the input code into fSeg and take each function segment as an fVertex. Go to 1b).

[0043] 1b) For each fSeg, traverse the function segment recursively, depth-first, and split it into mSeg and μSeg. For Seg1 and Seg2, if Seg2 is split from Seg1, then Seg1 is the parent code segment of Seg2, and Seg2 is the child code segment of Seg1. Go to 1c).

[0044] 1c) For μSeg, normalize the input parameters, output parameters...
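The following added example (not code from the patent) sketches steps 1a) to 1c) and the later database comparison on two constructed C-like functions. It assumes that a brace block is a child segment, that a run of plain statements is a leaf standing in for a μSeg, that normalization renames variables by first appearance, and that SHA-256 is the hash; all function names and both samples are hypothetical.

```python
import hashlib
import re

KEYWORDS = {"if", "else", "while", "for", "return", "int", "char"}

def split_useg(tokens, depth=0, out=None):
    """Recursive depth-first split: a brace block is a child segment, and each
    run of plain statements is a leaf (the stand-in for a μSeg)."""
    out = [] if out is None else out
    run = []
    for tok in tokens:                      # one shared iterator across calls
        if tok.endswith("{") or tok == "}":
            if run:
                out.append((depth, run))
                run = []
            if tok == "}":
                return out                  # back to the parent segment
            split_useg(tokens, depth + 1, out)
        else:
            run.append(tok)
    if run:
        out.append((depth, run))
    return out

def normalize(stmts):
    """Rename variables by first appearance; keep keywords and callee names."""
    names = {}
    def repl(m):
        tok = m.group(0)
        return tok if tok in KEYWORDS else names.setdefault(tok, f"V{len(names)}")
    return re.sub(r"\b[A-Za-z_]\w*\b(?!\s*\()", repl, " ".join(stmts))

def build_db(code):
    """Map the SHA-256 of each normalized leaf segment to its normalized text."""
    toks = iter(t.strip() for t in re.findall(r"[^;{}]*[;{}]", code))
    return {hashlib.sha256(normalize(s).encode()).hexdigest(): normalize(s)
            for _, s in split_useg(toks)}

def inherited(db_kv, db_iot):
    """Firmware leaf segments that also occur in the known-vulnerable code."""
    return sorted(db_iot[h] for h in db_kv.keys() & db_iot.keys())

# Constructed samples: the firmware function reuses only one fragment, renamed.
KNOWN_VULN = ("int parse(char *buf, int n) { char tmp[16]; "
              "if (n > 0) { memcpy(tmp, buf, n); tmp[n] = 0; } return 0; }")
FIRMWARE = ("int handle(char *pkt, int len) { char out[16]; log_msg(pkt); "
            "if (len > 0) { memcpy(out, pkt, len); out[len] = 0; } return 1; }")

if __name__ == "__main__":
    print(inherited(build_db(KNOWN_VULN), build_db(FIRMWARE)))
```

The two functions differ as wholes, so a whole-function hash would miss the reuse, while the leaf-level lookup still reports the shared copy fragment.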

Abstract

The invention relates to an inheritance vulnerability mining method for Internet of Things devices based on an atomic control flow graph, which comprises the following steps: 1) formally expressing the μCFG as (S, V, E, H), and generating and storing the μCFG; 2) constructing a DB μCFG (KV) according to the KV information published by the vulnerability information publishing platform; 3) obtaining the firmware of a specific IoT device, and constructing a DB μCFG (IoT) based on the firmware; and 4) retrieving and comparing according to the DB μCFG (KV) and the DB μCFG (IoT), and outputting a vulnerability retrieval report. The invention provides the concept and technology of an atomic control flow graph, and a complete inheritance vulnerability mining method for Internet of Things devices based on it, in order to solve the accuracy problem that arises when inheritance vulnerabilities in Internet of Things device firmware are rapidly detected by hash check. According to the invention, the speed and accuracy with which vulnerability mining personnel analyze Internet of Things device vulnerabilities can be improved, and in turn the security vulnerability mining capability of the Internet of Things device industry is improved.

Description

Technical field

[0001] The invention relates to a method for mining inherited vulnerabilities of Internet of Things devices based on an atomic control flow graph.

Background

[0002] Inheritance vulnerabilities are vulnerabilities that exist because of code reuse during the iteration of program versions. When an inherited vulnerability is found in one version of a program, it is usually found in adjacent versions as well. Take, for example, the "Dirty Cow" vulnerability numbered CVE-2016-5195 released by CVE (Common Vulnerabilities and Exposures). This vulnerability exists in the Linux Kernel (a popular open source operating system core), and its scope of influence covers all versions of Linux Kernel 2.x to 4.18.13. This vulnerability stems from a race condition in the Linux kernel when handling copy-on-write (Copy-on-Write) operations. Attackers can use this vulnerability to write data to read-only memory with low...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/57
CPC: G06F21/577, G06F2221/034
Inventor: 芮志清, 吴敬征, 罗天悦
Owner: INST OF SOFTWARE - CHINESE ACAD OF SCI