| With advancements in IoT technology,more and more physical devices are connected to the Internet,thus,the security of firmware residing in the devices is more crucial than ever.Searching known vulnerabilities in binary firmware is a very important aspect of firmware security,especially in cross-architecture scenarios.If we can take advantage of known vulnerabilities to search homologous vulnerabilities in firmware across different architectures,it is helpful to prevent the same known vulnerabilities from affecting the massive devices,which is meaningful for firmware security.This thesis mainly makes some improvement on the exsisting crossarchitecture method discovRE.The major works and contributions of this thesis are as follows:1)A three-stage method based on kNN-SVM-BM for cross-architecture vulnerability search in binary firmware is proposed,which has improved the efficiency of the exsisting cross-architecture method discovRE.The method is divided into three stages,while discovRE only has two stages.The main idea of the method is to reduce the number of the candidate functions by adding a fine filter stage,thus improving the overall efficiency of the method.The experimental results show that the method can promote the overall efficiency at the expense of the less accuracy of functions pre-filter,and on our dataset,the bipartite matching used in the method has higher performance than the MCS used in discovRE.2)A two-stage method based on weighted kNN-BM for cross-architecture vulnerability search in binary firmware is proposed,which has improved the accuracy of the functions pre-filter in discovRE.The method is divided into two stages as discovRE does.Taking into account the disadvantages of the Euclidean distance on kNN,the weighted Euclidean distance and weighted mahalanobis distance are respectively utilized in the first stage to improve the accuracy of kNN.The experimental results show that the method can improve the accuracy of the functions pre-filter without affecting the overall efficiency.3)A three-stage method based on weighted kNN-SVM-BM for cross-architecture vulnerability search in binary firmware is proposed,which has improved the accuracy of functions pre-filter and the overall efficiency in discovRE.Based on the above two methods,this method applies the weighted kNN in the three-stage method based on kNN-SVM-BM,which takes ingto account the accuracy of functions pre-filter and the overall efficiency at the same time.The experimental results show that the method has higher accuracy and efficiency than discovRE. |
PDF Full Text Request