| HAL-Inria | Publications, software ... of Inria's scientists |
Conference papers
Automated Vulnerability Detection in Embedded Devices
Abstract : Embedded devices are widely used today and are rapidly being incorporated in the Internet of Things that will permeate every aspect of society. However, embedded devices have vulnerabilities such as buffer overflows, command injections and backdoors that are often undocumented. Malicious entities who discover these vulnerabilities could exploit them to gain control of embedded devices and conduct a variety of criminal activities.Due to the large number of embedded devices, non-standard codebases and complex control flows, it is extremely difficult to discover vulnerabilities using manual techniques. Current automated vulnerability detection tools typically use static analysis, but the detection accuracy is not high. Some tools employ code execution; however, this approach is inefficient, detects limited types of vulnerabilities and is restricted to specific architectures. Other tools use symbolic execution, but the level of automation is not high and the types of vulnerabilities they uncover are limited. This chapter evaluates several advanced vulnerability detection techniques used by current tools, especially those involving automated program analysis. These techniques are leveraged in a new automated vulnerability detection methodology for embedded devices.
Cited literature [30 references]
https://hal.inria.fr/hal-01988845
Contributor : Hal Ifip <>
Submitted on : Tuesday, January 22, 2019 - 9:44:46 AM
Last modification on : Tuesday, May 26, 2020 - 11:40:04 PM
Long-term archiving on: : Tuesday, April 23, 2019 - 1:27:53 PM
Contributor : Hal Ifip <>
Submitted on : Tuesday, January 22, 2019 - 9:44:46 AM
Last modification on : Tuesday, May 26, 2020 - 11:40:04 PM
Long-term archiving on: : Tuesday, April 23, 2019 - 1:27:53 PM
File
472401_1_En_17_Chapter.pdf
Files produced by the author(s)
Licence
Distributed under a Creative Commons Attribution 4.0 International License