Fuzzy Test Guidance Technology for Power Internet of Things Firmware Vulnerability Detection
Chinese title: 电力物联网固件漏洞检测的模糊测试引导技术
Authors: Bo Zhang, Zesheng Xi, Kunlun Gao
Venue: 2021 IEEE International Conference on Energy Internet (ICEI)
Publication date: 2021-09-01
DOI: 10.1109/ICEI52466.2021.00033 (https://doi.org/10.1109/ICEI52466.2021.00033)
Record source: Semantic Scholar
The power Internet of Things has become an important part of the energy Internet, and firmware is its enabling software. Firmware vulnerabilities are one of the fundamental reasons smart grids face network attacks, so detecting firmware vulnerabilities is key to smart grid security. Fuzz testing is one of the hotspots of cyberspace security research, but for firmware vulnerability detection current fuzz testing technology still has problems, such as poor compatibility of heterogeneous firmware program simulation, firmware state space explosion and blind testing, which lead to poor efficiency and effectiveness of vulnerability detection. To solve these problems, this paper proposes static instruction translation and program reconfiguration for heterogeneous firmware programs, reconstructing heterogeneous firmware programs into cross-platform executable programs through intermediate language translation. At the same time, a fuzz testing method based on a static targeting model and dynamic symbolic execution is proposed to further improve the guidance, intelligence, accuracy and automation of firmware vulnerability fuzz testing technology.