
Router Vulnerability Detection Method Based On Static Analysis And Fuzzing

Posted on: 2024-03-10
Degree: Master
Type: Thesis
Country: China
Candidate: H Y Wang
GTID: 2558307136989029
Subject: Computer Science and Technology
Abstract/Summary:
By offering terminal devices the services they need to connect to the Internet, routers play a crucial role in the cyberspace environment. Cyberattacks on routers frequently have negative effects. Routers' insecure web services contain many of their common weaknesses. To combat security issues and defend router devices from attacks, device security must be enhanced by identifying and resolving vulnerabilities. Due to execution cost or a high number of false positives and false negatives, existing vulnerability detection methods are unable to assess such web services properly or efficiently. Fuzzing is a useful technique for identifying security flaws in router hardware. However, fuzz testing is frequently inefficient and blind if the firmware of the target device is not sufficiently examined. In this article, we propose a technique for fuzzing with static analysis assistance to exploit router devices. In particular, it uses static analysis to create more efficient test cases for the web interface of router devices. Our observation is that the router firmware contains a wealth of valuable information, and we employ static analysis to identify potential flaws in the program code in order to create more efficient test cases and boost the effectiveness of fuzzing. The primary contributions are as follows:
(1) A novel static analysis technique based on shared keywords is proposed to automatically find multi-binary vulnerabilities in firmware. This technique has a substantially lower rate of false negatives.
(2) To create more effective test cases, a novel vulnerability identification method based on static analysis and fuzz testing is proposed, in which the input of the fuzz test is produced from the output of the static analysis.
(3) A novel concept for effective device status anomaly detection is put forth, in which real devices are sent packets containing commands with defined functionalities, and the success of command execution in the packets is checked using local port listening.
We built a prototype and tested it on 46 router firmware versions from four major router suppliers. We discovered 16 vulnerabilities, of which 4 were zero-day flaws. The findings demonstrate that, compared to sophisticated automated vulnerability mining methods, our approach can find vulnerabilities that are not detectable by current vulnerability detection technologies.
Keywords/Search Tags:static analysis, fuzzing, firmware, vulnerability mining
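
The following example is added here and is not code from the thesis. It assumes that "shared keywords" means identifiers that appear both in the web front end and in the strings of several back-end binaries, and it ranks them as parameter names for fuzz input; all file names, keywords, the /goform/ path and the byte strings are constructed.

```python
import re

# Constructed sample input: byte strings standing in for files unpacked
# from a firmware image (assumption: none of this comes from the thesis).
FRONT_END = {
    "www/wan.html": b'<form action="/goform/setWan"><input name="wanMTU">'
                    b'<input name="wanDns"></form>',
    "www/diag.html": b'<form action="/goform/setDiag"><input name="pingAddr"></form>',
}
BINARIES = {
    "bin/httpd": b"\x7fELF\x00\x01setWan\x00wanMTU\x00wanDns\x00setDiag"
                 b"\x00pingAddr\x00nvram_set\x00",
    "bin/netctl": b"\x7fELF\x00\x02wanMTU\x00ifconfig %s mtu %s\x00nvram_get\x00",
    "bin/diagd": b"\x7fELF\x00\x03pingAddr\x00ping -c 1 %s\x00system\x00",
}


def printable_strings(blob, min_len=4):
    """Return the set of printable ASCII runs of at least min_len bytes."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return {m.decode("ascii") for m in re.findall(pattern, blob)}


def front_end_keywords(files):
    """Collect input names and form-handler names the web UI sends to the device."""
    keywords = set()
    for blob in files.values():
        text = blob.decode("ascii", "replace")
        keywords.update(re.findall(r'name="([A-Za-z_]\w{3,})"', text))
        keywords.update(re.findall(r'action="/goform/(\w{4,})"', text))
    return keywords


def shared_keywords(front_end, binaries):
    """Map each front-end keyword to the binaries holding it as an exact string."""
    strings = {path: printable_strings(blob) for path, blob in binaries.items()}
    return {kw: sorted(p for p, s in strings.items() if kw in s)
            for kw in sorted(front_end_keywords(front_end))}


def fuzz_seeds(shared):
    """Order keywords by how many binaries reference them, most shared first."""
    found = (kw for kw, bins in shared.items() if bins)
    return sorted(found, key=lambda kw: (-len(shared[kw]), kw))


if __name__ == "__main__":
    for kw in fuzz_seeds(shared_keywords(FRONT_END, BINARIES)):
        print(kw)
```

Keywords referenced by more than one binary mark data that crosses a process boundary, which is where a single-binary analysis would lose track of the input.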