File(s) under embargo
until file(s) become available
REHOSTING EMBEDDED APPLICATIONS AS LINUX APPLICATIONS FOR DYNAMIC ANALYSIS
Dynamic analysis of embedded firmware is a necessary capability for many security tasks, e.g., vulnerability detection. Rehosting is a technique that enables dynamic analysis by facilitating the execution of firmware in a host environment decoupled from the actual hardware. Current rehosting techniques focus on high-fidelity execution of the entire firmware. Consequently, these techniques try to execute firmware in an emulated environment, with precise models of hardware (i.e., peripheral) interactions. However, these techniques are hard to scale and have various drawbacks.
Therefore, a novel take on rehosting is proposed by focusing on the application components and their interactions with the firmware without the need to model hardware dependencies. This is achieved by rehosting the embedded application as a Linux application. In addition to avoiding precise peripheral modeling, such a rehosting technique enables the use of existing dynamic analysis techniques on these embedded applications. The feasibility of this approach is demonstrated first by manually performing the rehosting on real-world embedded applications. The challenges in each of the phases – retargeting to x86-64, peripheral handling, and fuzzing the rehosted applications are elaborated. Furthermore, automated steps for retargeting to the x86-64 and peripheral handling are developed. The peripheral handling achieves 89% accuracy if reserved regions are also considered. The testing of these rehosted applications found 2 previously unknown defects in driver components.
- Master of Science
- Electrical and Computer Engineering
- West Lafayette