Affiliation:
1. School of Cyber Science and Engineering, Information Engineering University, Zhengzhou 450000, China
2. State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450000, China
Abstract
With the rapid growth of IoT devices, ensuring the security of embedded firmware has become a critical concern. Despite advances in existing vulnerability discovery methods, previous research has been limited to vulnerabilities occurring in binary programs. Although an increasing number of vendors are using the Lua scripting language in firmware development, no automated method is currently available to discover vulnerabilities in Lua-based programs. To fill this gap, we propose FLuaScan, a novel progressive static analysis approach specifically designed to detect taint-style vulnerabilities in Lua applications in IoT firmware. FLuaScan first heuristically locates the code that handles user input, then divides the code into different segments to conduct a progressive taint analysis. Finally, a graph-based search method is applied to identify vulnerable code that satisfies the conditions of taint propagation. To comprehensively compare FLuaScan with the state-of-the-art tool Tscancode, we conducted various experiments on a dataset consisting of 13 real-world firmware samples from different vendors. The results demonstrate the superior performance of FLuaScan in terms of accuracy (increased TP rate from 0% to 42.50%), effectiveness (discovered 21 vulnerabilities, of which 7 are unknown), and practicality (acceptable time overhead and visual output to assist in manual analysis).
Subject
Fluid Flow and Transfer Processes, Computer Science Applications, Process Chemistry and Technology, General Engineering, Instrumentation, General Materials Science
Cited by
2 articles.