| With the rapid development of Internet of things,intelligent hardware equipments have becoming an important part in our lives.They widely exist in the smart routers,network cameras,smart home devices and smart wearable devices.Intelligent hardware security issues will not only bring personal privacy leaks,but also pose a threat to the personal lives of security.Intelligent hardware security reaserch is an import part of the network security.By analyzing the characteristics of existing intelligent hardware equipments,we found that the most used intelligent hardware devices are based on the embedded Linux system,which is the research object in our paper.In our paper,we achieve the intelligent hardware function completely through software simulation method without the hardware device.Security problems are mining by using static and dynamic anlysis method.We use QEMU simulator to simulate the intelligent hardware firmware,which can save the cost of buying harware device.It will be much more comprehensive and efficiently to mining the system security problems by software simulation as we can modify the part of the firmware.In the static analysis phase,we collect the information of many files and mining the web code security problems,which can be tested and verified in the dynamic analysis phase.In the dynamic analysis phase,we use some open source tools to mining the security vulnerabilities by testing on the running simulator comprehensively.Our purpose is to find as many security problems as possible in the intelligent hardware devices.Depending on the method proposed in this paper,1945 firmwares from 24 vendors that are being used by intelligent hardware are tested,and 365 security problems in 96 firmwares are found,all the problems are submitted to the manufactures and the third security organizations. |
PDF Full Text Request