Research And Implementation Of IoT Device Vulnerability Mining Technology Based On Static Preprocessing And Dynamic Coloring Analysis

Posted on: 2022-07-26
Degree: Master
Type: Thesis
Country: China
Candidate: M Yao
Full Text: PDF
GTID: 2518306332467194
Subject: Computer technology

Abstract/Summary:
In recent years, IoT devices have grown rapidly, bringing convenience to people's lives but also introducing potential attack surfaces. 0-day vulnerabilities in devices may seriously threaten users' private data, and vulnerability mining technology for IoT devices has become a research focus in the security field. IoT devices are complex and heterogeneous, ship without source code, and depend strongly on their hardware, so general-purpose software vulnerability mining techniques cannot be applied to them directly. As the field has developed, a variety of techniques have been applied to vulnerability mining of IoT devices. Fuzz testing is an effective vulnerability mining technique, but in the IoT device environment it is inefficient and poorly targeted. Simulated execution of firmware can increase execution speed, but firmware programs with hardware dependencies are difficult to simulate successfully. Static analysis does not need to simulate execution of the target program, can abstract away architectural differences, and is widely applicable, but it is not enough to accurately determine whether a vulnerability exists.

Against this background, this paper studies firmware-oriented vulnerability mining technology and proposes two innovations. To make vulnerability mining more targeted, it proposes a program path extraction technique based on static analysis, which uses static analysis to identify potentially vulnerable functions in the firmware program, extracts the execution paths from those functions, and then analyzes the extracted suspicious paths to perform fine-grained vulnerability mining. To alleviate the problem that a firmware program cannot be simulated successfully because of initialization errors, it proposes a taint-type vulnerability identification technique based on dynamic coloring analysis. This technique does not require complete simulation of the entire firmware program; it uses function hijacking to forge the program's network interaction, so taint-type vulnerabilities can still be discovered even when program initialization fails.

On the basis of this theoretical research, the paper designs and implements a prototype vulnerability mining framework, Aric. Tests on the firmware of multiple real devices show that the proposed vulnerability mining scheme can still perform coloring analysis on programs that fail to initialize, and that it has stronger applicability compared with other tools. So far, multiple high-risk vulnerabilities in real devices have been discovered using this framework, which demonstrates that it has strong vulnerability mining capabilities.
Keywords/Search Tags: Internet of Things, Path extraction, Fine-grained, Coloring Analysis