Towards Automated Detection of Higher-Order Command Injection Vulnerabilities in IoT Devices: Fuzzing With Dynamic Data Flow Analysis

IF 0.6 Q4 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS
Lei Yu, Haoyu Wang, Linyu Li, Houhua He
{"title":"Towards Automated Detection of Higher-Order Command Injection Vulnerabilities in IoT Devices: Fuzzing With Dynamic Data Flow Analysis","authors":"Lei Yu, Haoyu Wang, Linyu Li, Houhua He","doi":"10.4018/ijdcf.286755","DOIUrl":null,"url":null,"abstract":"Command injection vulnerabilities are among the most common and dangerous attack vectors in IoT devices. Current detection approaches can detect single-step injection vulnerabilities well by fuzzing tests. However, an attacker could inject malicious commands in an IoT device via a multi-step exploit if he first abuses an interface to store the injection payload and later use it in a command interpreter through another interface. We identify a large class of such multi-step injection attacks to address these stealthy and harmful threats and define them as higher-order command injection vulnerabilities (HOCIVs). We develop an automatic system named Request Linking (ReLink) to detect data stores that would be transferred to command interpreters and then identify HOCIVs. ReLink is validated on an experimental embedded system injected with 150 HOCIVs. According to the experimental results, ReLink is significantly better than existing command injection detection tools in terms of detection rate, test space and time.","PeriodicalId":44650,"journal":{"name":"International Journal of Digital Crime and Forensics","volume":null,"pages":null},"PeriodicalIF":0.6000,"publicationDate":"2021-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Digital Crime and Forensics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/ijdcf.286755","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}
引用次数: 1

Abstract

Command injection vulnerabilities are among the most common and dangerous attack vectors in IoT devices. Current detection approaches can detect single-step injection vulnerabilities well by fuzzing tests. However, an attacker could inject malicious commands in an IoT device via a multi-step exploit if he first abuses an interface to store the injection payload and later use it in a command interpreter through another interface. We identify a large class of such multi-step injection attacks to address these stealthy and harmful threats and define them as higher-order command injection vulnerabilities (HOCIVs). We develop an automatic system named Request Linking (ReLink) to detect data stores that would be transferred to command interpreters and then identify HOCIVs. ReLink is validated on an experimental embedded system injected with 150 HOCIVs. According to the experimental results, ReLink is significantly better than existing command injection detection tools in terms of detection rate, test space and time.
物联网设备中高阶命令注入漏洞的自动检测:动态数据流分析的模糊测试
命令注入漏洞是物联网设备中最常见和最危险的攻击媒介之一。现有的检测方法可以通过模糊测试很好地检测出单步注入漏洞。但是,如果攻击者首先滥用接口来存储注入有效载荷,然后通过另一个接口在命令解释器中使用它,则攻击者可以通过多步骤漏洞在物联网设备中注入恶意命令。我们确定了一大类这样的多步骤注入攻击来解决这些隐形和有害的威胁,并将其定义为高阶命令注入漏洞(hociv)。我们开发了一个名为请求链接(ReLink)的自动系统,用于检测将传输给命令解释器的数据存储,然后识别HOCIVs。ReLink在一个注入150个hociv的实验性嵌入式系统上进行了验证。实验结果表明,ReLink在检测率、测试空间和时间上都明显优于现有的命令注入检测工具。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
International Journal of Digital Crime and Forensics
International Journal of Digital Crime and Forensics COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS-
CiteScore
2.70
自引率
0.00%
发文量
15
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信