Ruiqing Xiao, Yuefei Zhu, Anxiang Hu, Xiaoya Zhu, Shengli Liu
{"title":"基于多固件比对的补丁分析方法","authors":"Ruiqing Xiao, Yuefei Zhu, Anxiang Hu, Xiaoya Zhu, Shengli Liu","doi":"10.1145/3459104.3459122","DOIUrl":null,"url":null,"abstract":"A major user need is the completion of security audits by locating vulnerability functions using vulnerability information published by firmware manufacturers. However, it is difficult to manually analyze the relatively large number of patch functions involved in firmware updates. A patch analysis method based on multi-firmware comparison is presented in this study. This method narrows the search for suspected patch functions for vulnerability based on the similarities and differences between different firmware series involved in the vulnerability. Suspected patch functions in multiple firmware programs are first located and filtered based on intervals. Finally, a prototype system is implemented. The filtering results for the prototype system are used to manually locate two one-day vulnerabilities. The experimental results demonstrate that the two methods proposed in this study, namely, patch function location in multiple firmware programs and interval-based patch function filtering, effectively narrow the search for suspected patch functions and reduce the difficulty of manual analysis.","PeriodicalId":142284,"journal":{"name":"2021 International Symposium on Electrical, Electronics and Information Engineering","volume":"34 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-02-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Patch Analysis Method Based on Multi-firmware Comparison\",\"authors\":\"Ruiqing Xiao, Yuefei Zhu, Anxiang Hu, Xiaoya Zhu, Shengli Liu\",\"doi\":\"10.1145/3459104.3459122\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A major user need is the completion of security audits by locating vulnerability functions using vulnerability information published by firmware manufacturers. However, it is difficult to manually analyze the relatively large number of patch functions involved in firmware updates. A patch analysis method based on multi-firmware comparison is presented in this study. This method narrows the search for suspected patch functions for vulnerability based on the similarities and differences between different firmware series involved in the vulnerability. Suspected patch functions in multiple firmware programs are first located and filtered based on intervals. Finally, a prototype system is implemented. The filtering results for the prototype system are used to manually locate two one-day vulnerabilities. The experimental results demonstrate that the two methods proposed in this study, namely, patch function location in multiple firmware programs and interval-based patch function filtering, effectively narrow the search for suspected patch functions and reduce the difficulty of manual analysis.\",\"PeriodicalId\":142284,\"journal\":{\"name\":\"2021 International Symposium on Electrical, Electronics and Information Engineering\",\"volume\":\"34 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-02-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 International Symposium on Electrical, Electronics and Information Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3459104.3459122\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Symposium on Electrical, Electronics and Information Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3459104.3459122","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Patch Analysis Method Based on Multi-firmware Comparison
A major user need is the completion of security audits by locating vulnerability functions using vulnerability information published by firmware manufacturers. However, it is difficult to manually analyze the relatively large number of patch functions involved in firmware updates. A patch analysis method based on multi-firmware comparison is presented in this study. This method narrows the search for suspected patch functions for vulnerability based on the similarities and differences between different firmware series involved in the vulnerability. Suspected patch functions in multiple firmware programs are first located and filtered based on intervals. Finally, a prototype system is implemented. The filtering results for the prototype system are used to manually locate two one-day vulnerabilities. The experimental results demonstrate that the two methods proposed in this study, namely, patch function location in multiple firmware programs and interval-based patch function filtering, effectively narrow the search for suspected patch functions and reduce the difficulty of manual analysis.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
