University of Jyväskylä | JYX Digital Repository

  • English  | Give feedback |
    • suomi
    • English
 
  • Login
JavaScript is disabled for your browser. Some features of this site may not work without it.
View Item 
  • JYX
  • Artikkelit
  • Informaatioteknologian tiedekunta
  • View Item
JYX > Artikkelit > Informaatioteknologian tiedekunta > View Item

Towards Automated Classification of Firmware Images and Identification of Embedded Devices

ThumbnailFinal Draft
View/Open
257.3 Kb

Downloads:  
Show download detailsHide download details  
Costin, A., Zarras, A., & Francillon, A. (2017). Towards Automated Classification of Firmware Images and Identification of Embedded Devices. In S. De Capitani di Vimercati, & F. Martinelli (Eds.), ICT Systems Security and Privacy Protection : 32nd IFIP TC 11 International Conference, SEC 2017, Rome, Italy, May 29-31, 2017, Proceedings (pp. 233-247). Springer. IFIP Advances in Information and Communication Technology, 502. https://doi.org/10.1007/978-3-319-58469-0_16
Published in
IFIP Advances in Information and Communication Technology
Authors
Costin, Andrei |
Zarras, Apostolis |
Francillon, Aurélien
Editors
De Capitani di Vimercati, Sabrina |
Martinelli, Fabio
Date
2017
Discipline
TietotekniikkaMathematical Information Technology
Copyright
© IFIP International Federation for Information Processing 2017. This is a final draft version of an article whose final and definitive form has been published by Springer. Published in this repository with the kind permission of the publisher.

 
Embedded systems, as opposed to traditional computers, bring an incredible diversity. The number of devices manufactured is constantly increasing and each has a dedicated software, commonly known as firmware. Full firmware images are often delivered as multiple releases, correcting bugs and vulnerabilities, or adding new features. Unfortunately, there is no centralized or standardized firmware distribution mechanism. It is therefore difficult to track which vendor or device a firmware package belongs to, or to identify which firmware version is used in deployed embedded devices. At the same time, discovering devices that run vulnerable firmware packages on public and private networks is crucial to the security of those networks. In this paper, we address these problems with two different, yet complementary approaches: firmware classification and embedded web interface fingerprinting. We use supervised Machine Learning on a database subset of real world firmware files. For this, we first tell apart firmware images from other kind of files and then we classify firmware images per vendor or device type. Next, we fingerprint embedded web interfaces of both physical and emulated devices. This allows recognition of web-enabled devices connected to the network. In some cases, this complementary approach allows to logically link web-enabled online devices with the corresponding firmware package that is running on the devices. Finally, we test the firmware classification approach on 215 images with an accuracy of 93.5%, and the device fingerprinting approach on 31 web interfaces with 89.4% accuracy. ...
Publisher
Springer
Parent publication ISBN
978-3-319-58468-3
Conference
IFIP International Conference on ICT Systems Security and Privacy Protection
Is part of publication
ICT Systems Security and Privacy Protection : 32nd IFIP TC 11 International Conference, SEC 2017, Rome, Italy, May 29-31, 2017, Proceedings
ISSN Search the Publication Forum
1868-4238
Keywords
sulautettu tietotekniikka tietoturva haavoittuvuus koneoppiminen ubiquitous computing data security vulnerability machine learning
DOI
https://doi.org/10.1007/978-3-319-58469-0_16
URI

http://urn.fi/URN:NBN:fi:jyu-201711224329

Publication in research information system

https://converis.jyu.fi/converis/portal/detail/Publication/27070681

Metadata
Show full item record
Collections
  • Informaatioteknologian tiedekunta [1972]

Related items

Showing items with similar title or keywords.

  • Self-management in distributed systems : smart adaptive framework for pervasive computing environments 

    Nagy, Michal (University of Jyväskylä, 2013)
  • Insecure Firmware and Wireless Technologies as “Achilles’ Heel” in Cybersecurity of Cyber-Physical Systems 

    Costin, Andrei (Springer, 2022)
    In this chapter, we analyze cybersecurity weaknesses in three use-cases of real-world cyber-physical systems: transportation (aviation), remote explosives and robotic weapons (fireworks pyrotechnics), and physical security ...
  • Vulnerabilities in the wild : detecting vulnerable web applications at scale 

    Laitinen, Pentti (2018)
    Web-sovellukset ovat suosittu kohde pahansuoville hyökkäyksille. Yleisissä web-sovelluksista voi löytyä useita haavoittuvuuksia vuoden aikana, joten on tärkeää päivittää sovelluksia aktiivisesti, jos niihin tulee ...
  • Approaches and challenges of automatic vulnerability classification using natural language processing and machine learning techniques 

    Jormakka, Ossi (2019)
    Automatisoitu haavoittuvuuksien etsiminen ja haavoittuvuuksien yksityiskohtien ennustaminen voi auttaa asiantuntijoita priorisoimaan ohjelmistovirheitä, joka voi johtaa nopeampaan virheenkorjaukseen. Tässä työssä käytettiin ...
  • Attacking TrustZone on devices lacking memory protection 

    Stajnrod, Ron; Ben Yehuda, Raz; Zaidenberg, Nezer Jacob (Springer Science and Business Media LLC, 2022)
    ARM TrustZone offers a Trusted Execution Environment (TEE) embedded into the processor cores. Some vendors offer ARM modules that do not fully comply with TrustZone specifications, which may lead to vulnerabilities in the ...
  • Browse materials
  • Browse materials
  • Articles
  • Conferences and seminars
  • Electronic books
  • Historical maps
  • Journals
  • Tunes and musical notes
  • Photographs
  • Presentations and posters
  • Publication series
  • Research reports
  • Research data
  • Study materials
  • Theses

Browse

All of JYXCollection listBy Issue DateAuthorsSubjectsPublished inDepartmentDiscipline

My Account

Login

Statistics

View Usage Statistics
  • How to publish in JYX?
  • Self-archiving
  • Publish Your Thesis Online
  • Publishing Your Dissertation
  • Publication services

Open Science at the JYU
 
Data Protection Description

Accessibility Statement

Unless otherwise specified, publicly available JYX metadata (excluding abstracts) may be freely reused under the CC0 waiver.
Open Science Centre