A Large-Scale Analysis of the Security of Embedded Firmwares
As embedded systems are more than ever present in our society, their security is becoming an increasingly important issue. However, based on the results of many recent analyses of individual firmware images, embedded systems acquired a reputation of being insecure. Despite these facts, we still lack a global understanding of embedded systems’ security as well as the tools and techniques needed to support such general claims.
In this paper we present the first public, large-scale analysis of firmware images. In particular, we unpacked 32 thousand firmware images into 1.7 million individual files, which we then statically analyzed.We leverage this large-scale analysis to bring new insights on the security of embedded devices and to underline and detail several important challenges that need to be addressed in future research. We also show the main benefits of looking at many different devices at the same time and of linking our results with other large-scale datasets such as the ZMap’s HTTPS survey.
In summary, without performing sophisticated static analysis, we discovered a total of 38 previously unknown vulnerabilities in over 693 firmware images. Moreover, by correlating similar files inside apparently unrelated firmware images, we were able to extend some of those vulnerabilities to over 123 different products. We also confirmed that some of these vulnerabilities altogether are affecting at least 140K devices accessible over the Internet. It would not have been possible to achieve these results without an analysis at such wide scale.
We believe that this project, which we plan to provide as a firmware unpacking and analysis web service1, will help shed some light on the security of embedded devices.
Tuesday, July 29, 2014 - 4:00pm
Authors:
Andrei Costin, Jonas Zaddach, Aurélien Francillon, and Davide Balzarotti, Eurecom
Open Access Content
Papers are restricted to registered attendees until the event begins. Once the event begins, the content becomes free and open to everyone. Journal articles are open to everyone upon publication. If available, video, audio, and/or slides of this presentation will be posted here after the event.
@inproceedings {184449,
author = {Andrei Costin and Jonas Zaddach and Aur{\'e}lien Francillon and Davide Balzarotti},
title = {A Large-Scale Analysis of the Security of Embedded Firmwares},
booktitle = {23rd USENIX Security Symposium (USENIX Security 14)},
year = {2014},
month = Aug,
isbn = {978-1-931971-15-7},
address = {San Diego, CA},
pages = {95--110},
url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/costin},
publisher = {USENIX Association},
}
<br><a href="/biblio/export/bibtex/184449">Download</a>
Abstract:
As embedded systems are more than ever present in our society, their security is becoming an increasingly important issue. However, based on the results of many recent analyses of individual firmware images, embedded systems acquired a reputation of being insecure. Despite these facts, we still lack a global understanding of embedded systems’ security as well as the tools and techniques needed to support such general claims.
In this paper we present the first public, large-scale analysis of firmware images. In particular, we unpacked 32 thousand firmware images into 1.7 million individual files, which we then statically analyzed.We leverage this large-scale analysis to bring new insights on the security of embedded devices and to underline and detail several important challenges that need to be addressed in future research. We also show the main benefits of looking at many different devices at the same time and of linking our results with other large-scale datasets such as the ZMap’s HTTPS survey.
In summary, without performing sophisticated static analysis, we discovered a total of 38 previously unknown vulnerabilities in over 693 firmware images. Moreover, by correlating similar files inside apparently unrelated firmware images, we were able to extend some of those vulnerabilities to over 123 different products. We also confirmed that some of these vulnerabilities altogether are affecting at least 140K devices accessible over the Internet. It would not have been possible to achieve these results without an analysis at such wide scale.
We believe that this project, which we plan to provide as a firmware unpacking and analysis web service1, will help shed some light on the security of embedded devices.
connect with us