Towards Automated Exploit Generation for Embedded Systems
نویسندگان
چکیده
Manual vulnerability discovery and exploit development on an executable are very challenging tasks for developers. Therefore, the automation of those tasks is becoming interesting in the field of software security. In this paper, we implement an approach of automated exploit generation for firmware of embedded systems by extending an existing dynamic analysis framework called Avatar. Embedded systems occupy a significant portion of the market but lack typical security features found on general purpose computers, making them prone to critical vulnerabilities. We discuss several techniques to automatically discover vulnerabilities and generate exploits for embedded systems, and evaluate our proposed approach by generating exploits for two vulnerable firmware written for a popular ARM Cortex-M3 microcontroller.
منابع مشابه
Text Generation Methods for Dialog Systems
Text generation systems are typically more powerful than generation components of dialog systems. In order to exploit their advanced capabilities for dialog purposes, we discuss the extension potential of NL generation components of dialog systems on the basis of methods embedded in text generation system. We investigate architectural concerns and crucial system features in a comparison, and we...
متن کاملMethodology and Toolset for Model Verification, Hardware/Software co‐simulation, Performance Optimisation and Customisable Source‐code generation
The MODUS project aims to provide a pragmatic and viable solution that will allow SMEs to substantially improve their positioning in the embedded-systems development market. The MODUS tool will provide a model verification and Hardware/Software co‐simulation tool (TRIAL) and a performance optimisation and customisable source‐code generation tool (TUNE). The concept is depicted in automated mode...
متن کاملAGV (automated guided vehicle) robot: Mission and obstacles in design and performance
The AGV (automated guided vehicle) was introduced in UK in 1953 for transporting. But nowadays, due to their high efficiency, flexibility, reliability, safety and system scalability, they are used in various application in industries. In brief, the AGV robot is a system which typically made up of vehicle chassis, embedded controller, motors, drivers, navigation and collision avoidance sensors, ...
متن کاملSurvey of Automated Vulnerability Detection and Exploit Generation Techniques in Cyber Reasoning Systems
Software is everywhere, from mission critical systems such as industrial power stations, pacemakers and even household appliances. This growing dependence on technology and the increasing complexity software has serious security implications as it means we are potentially surrounded by software that contain exploitable vulnerabilities. These challenges have made binary analysis an important are...
متن کاملIncremental Bounded Model Checking for Embedded Software (extended version)
Program analysis is on the brink of mainstream in embedded systems development. Formal verification of behavioural requirements, finding runtime errors and automated test case generation are some of the most common applications of automated verification tools based on Bounded Model Checking. Existing industrial tools for embedded software use an off-the-shelf Bounded Model Checker and apply it ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2016