SwePub

LIBRIS format handbook (information about MARC21)
Field name  Indicators  Metadata
000 03697naa a2200457 4500
001 oai:DiVA.org:kth-350059
003 SwePub
008 240706s2023 | |||||||||||000 ||eng|
024 $a https://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-350059 $2 URI
024 $a https://doi.org/10.1109/TDSC.2023.3320675 $2 DOI
040 $a (SwePub)kth
041 $a eng $b eng
042 $9 SwePub
072 7 $a ref $2 swepub-contenttype
072 7 $a art $2 swepub-publicationtype
100 $a Abbas, Haider $u National University of Sciences and Technology (NUST), Islamabad, Pakistan $4 aut
245 1 0 $a DUDE: Decryption, Unpacking, Deobfuscation, and Endian Conversion Framework for Embedded Devices Firmware
264 1 $b Institute of Electrical and Electronics Engineers (IEEE), $c 2023
338 $a print $2 rdacarrier
500 $a QC 20240706
520 $a Commercial-Off-The-Shelf (COTS) embedded devices rely on vendor-specific firmware to perform essential tasks. These firmware have been under active analysis by researchers to check security features and identify possible vendor backdoors. However, consistently unpacking newly created filesystem formats has been exceptionally challenging. To thwart attempts at unpacking, vendors frequently use encryption and obfuscation methods. On the other hand, when handling encrypted, obfuscated, big endian cramfs, or custom filesystem formats found in firmware under test, the available literature and tools are insufficient. This study introduces DUDE, an automated framework that provides novel functionalities, outperforming cutting-edge tools in the decryption, unpacking, deobfuscation, and endian conversion of firmware. For big endian compressed romfs filesystem formats, DUDE supports endian conversion. It also supports deobfuscating obfuscated signatures for successful unpacking. Moreover, decryption support for encrypted binaries from the D-Link and MOXA series has also been added, allowing for easier analysis and access to the contents of these firmware files. Additionally, the framework offers unpacking assistance by supporting the extraction of special filesystem formats commonly found in firmware samples from various vendors. A remarkable 78% (1424 out of 1814) firmware binaries from different vendors were successfully unpacked using the suggested framework. This performance surpasses the capabilities of commercially available tools combined on a single platform.
650 7 $a NATURVETENSKAP $x Data- och informationsvetenskap $x Datorteknik $0 (SwePub)10206 $2 hsv//swe
650 7 $a NATURAL SCIENCES $x Computer and Information Sciences $x Computer Engineering $0 (SwePub)10206 $2 hsv//eng
653 $a Binary analysis
653 $a deobfuscation
653 $a Encryption
653 $a EPROM
653 $a filesystem unpacking
653 $a Hardware
653 $a Internet of Things
653 $a Microprogramming
653 $a reverse engineering
653 $a Sockets
653 $a Task analysis
700 $a Shahzad, Muhammad $u National University of Sciences and Technology (NUST), Islamabad, Pakistan $4 aut
700 $a Safdar, Maliha $u National University of Sciences and Technology (NUST), Islamabad, Pakistan $4 aut
700 $a Hemani, Ahmed, $d 1961- $u KTH,Elektronik och inbyggda system $4 aut $0 (Swepub:kth)u131a9ju
710 $a National University of Sciences and Technology (NUST), Islamabad, Pakistan $b Elektronik och inbyggda system $4 org
773 $t IEEE Transactions on Dependable and Secure Computing $d : Institute of Electrical and Electronics Engineers (IEEE) $x 1545-5971 $x 1941-0018
856 4 8 $u https://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-350059
856 4 8 $u https://doi.org/10.1109/TDSC.2023.3320675
