Tongxin xuebao (Aug 2013)
Backdoor detection in embedded system firmware without file system
Abstract
Any embedded system firmware without a file system integrates its system code and user application code into a single file, which makes it more difficult to analyze. For this kind of firmware, the problem of library function identification was analyzed, and several heuristic methods were proposed to recognize some important functions that manipulate network sockets and character strings/memory. Based on this analysis, the detection of some typical types of backdoor, including unauthorized listeners, unintended functions, hidden functions and outward connection requests, was discussed, and several backdoors (one of critical level) were found in a real-world firmware. The results show that this method of identifying library functions can be useful for the security analysis of this type of firmware.