Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Attack trapping system based on firmware simulation

A firmware and emulator technology, applied in the field of computer security, can solve problems such as inability to analyze vulnerabilities, large attack surface, inactive firmware security detection and update, etc., and achieve the effect of convenient cross-compilation and dynamic adjustment, and comprehensive coverage

Inactive Publication Date: 2021-02-26
NANJING UNIV OF POSTS & TELECOMM
View PDF0 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the disadvantage of this kind of full network scanning is that it can only perform vulnerability scanning for the open ports of embedded devices. If the device has no open ports or is not connected to the Internet at all, it cannot be analyzed for vulnerabilities.
Due to the wide variety of embedded IoT devices with different functions, and there are various security vulnerabilities in the firmware, the security research for embedded devices is very difficult, resulting in an increasing attack surface and frequent also getting higher
Various device manufacturers are not active in firmware security testing and updating, and users will not take the initiative to upgrade the firmware after purchasing the device. Once a vulnerability is found in the firmware of an embedded device, it will affect millions or even tens of millions. The number of users is safe

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack trapping system based on firmware simulation
  • Attack trapping system based on firmware simulation
  • Attack trapping system based on firmware simulation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] Embodiments of the present invention will be disclosed in the following diagrams. For the sake of clarity, many practical details will be described together in the following description. It should be understood, however, that these practical details should not be used to limit the invention. That is, in some embodiments of the invention, these practical details are not necessary.

[0035] Such as Figure 1-4 As shown, the present invention is an attack trapping system based on firmware simulation. From the perspective of firmware simulation, the attack behavior is trapped. The system includes the following steps:

[0036] Step 1: Acquisition and analysis of firmware, obtain firmware information on the official website of the device or directly read the firmware storage chip through hardware access, bypass the controller or processor of the control device, directly control the Flash chip of the device, and read the information in the chip The whole piece of content, an...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an attack trapping system based on firmware simulation. The attack trapping system comprises the following steps: (1) obtaining and analyzing firmware; (2) for the firmware information obtained in the step (1), using a QEMU simulator to simulate target firmware through a system-level simulation technology; (3) on the basis of the step (2), constructing a honeypot system, deploying a high-interaction honeypot system based on an SSH proxy protocol in a virtualization environment, and performing information configuration; and (4) on the basis of the step (3), performing attack behavior capture, monitoring various attack behavior characteristics of the equipment in real time in the honeypot, and capturing information such as an attack initiating way of an attacker andthe like. According to the invention, analog simulation is carried out on the firmware through the QEMU simulator, and the honeypot environment based on the SSH protocol is deployed by using the virtualization technology, so that various attack behaviors for the equipment can be effectively monitored in real time, malicious attacks can be captured, and a more efficient and complete system securityprotection system can be constructed.

Description

technical field [0001] The invention belongs to the technical field of computer security, and in particular relates to computer equipment firmware, simulation simulator and honeypot technology, especially an attack trapping system based on firmware simulation. Background technique [0002] With the rapid development of the Internet of Things and the widespread popularization of embedded devices, more and more embedded devices are connected through the network. Users can use mobile phones, PCs and other mobile devices to control any embedded device connected to the network anywhere. For example, people can use their mobile phones to connect to network cameras in the office to monitor any abnormal situation at home at any time, to observe whether the electrical appliances in the home are turned off, whether there are thieves breaking into the house, etc. While bringing convenience, it also brings many potential problems. Embedded devices have a variety of processor architectu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/55G06F21/56G06F21/57
CPCG06F21/55G06F21/566G06F21/577
Inventor 陈霄肖甫沙乐天
Owner NANJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com