In the era of the Internet of Things (IoT), software-enabled interconnected devices are of paramount importance. Embedded systems are very frequently used in both security- and privacy-sensitive applications. However, the underlying software (a.k.a. firmware) very often suffers from a wide range of security vulnerabilities, mainly due to outdated systems or the reuse of existing vulnerable libraries, as is evident from the surprising rise in the number of attacks against embedded systems. Therefore, to protect those embedded systems, detecting the presence of vulnerabilities in the large pool of embedded devices and their firmware plays a vital role. To this end, there exist several approaches to identify and trigger potential vulnerabilities within deployed embedded systems firmware. In this survey, we provide a comprehensive review of the state-of-the-art proposals, which detect vulnerabilities in embedded systems and firmware images by employing various analysis techniques, including static analysis, dynamic analysis, symbolic execution, and hybrid approaches. Furthermore, we perform both quantitative and qualitative comparisons among the surveyed approaches. Moreover, we devise taxonomies based on the applications of those approaches, the features used in the literature, and the type of the analysis. Finally, we identify the unresolved challenges and discuss possible future directions in this field of research.
In modern wireless systems such as ZigBee, sensitive information produced by the network is transmitted through different wired or wireless nodes. Providing the requisites of communication between diverse communication system types, such as mobiles, laptops, and desktop computers, increases the risk of being attacked by outside nodes. Malicious (or unintentional) threats, such as attempts to obtain unauthorized access to the network, increase the requirements of data security against rogue devices trying to tamper with the identity of authorized devices. In this manner, focusing on Radio Frequency Distinct Native Attributes (RF-DNA) of features extracted from physical layer responses (referred to as preambles) of ZigBee devices, a dataset of distinguishable features of all devices can be produced, which can be exploited for the detection and rejection of spoofing/rogue devices. Through this procedure, devices manufactured by different or the same producer(s) can be distinguished, resulting in an improvement of classification system accuracy. The two most challenging problems in initiating RF-DNA are (1) the mechanism of feature extraction for generating a dataset in the most effective way for model classification and (2) the design of an efficient model for discriminating spoofing/rogue devices. In this paper, we analyze the physical layer features of ZigBee devices and present methods based on deep learning algorithms to achieve high classification accuracy, based on wavelet decomposition and on the autoencoder representation of the original dataset.