Design And Implementation Of Firmware Vulnerability Detection System Based On Vulnerability Location

In today's era,Internet of Things devices play an important role in real life and are also an important foundation for the realization of the Internet of Everything.However,while these Internet of Things devices bring convenience to people,the threats in the embedded firmware system cannot be ignored.When there are loopholes in the firmware,an attacker can use it to invade Io T devices to hijack the control flow in the firmware program,and achieve the purpose of executing malicious code,obtaining confidential information,and memory layout information of the firmware program.This paper takes the security of firmware as the starting point of the research,combined with the analysis of the current research status of firmware vulnerability detection at home and abroad,and based on the binary program analysis technology,the vulnerabilities of the firmware are found by analyzing the firmware samples,and whether these vulnerabilities can be identified.Attackers use it to trigger the vulnerability,and then design a firmware vulnerability detection system based on the location of the vulnerability to realize the detection of firmware vulnerabilities.Specifically,on the one hand,for the location of the vulnerability,it is necessary to analyze the firmware vulnerability trigger mechanism and necessary conditions based on binary analysis technology,and collect the collection of vulnerability vulnerability information,so as to discover the vulnerability in the firmware that can be triggered.At the same time,complete the design of related algorithms.On the other hand,based on the related algorithms of vulnerable point location,design and implement a firmware vulnerability detection system based on vulnerable point location.Among them,the firmware vulnerability detection system completes the collection of various types of vulnerability information of the firmware through its various modules,and identifies the exploitable vulnerabilities based on the analysis of the vulnerability trigger mechanism based on the previous work,so as to realize the location based on the vulnerability.Firmware vulnerability detection.The system will complete the functional test of its various modules in the firmware sample to verify the effectiveness of the system.