Ruiqing Xiao scite author profile

Ruiqing Xiao

4Publications

3Citation Statements Received

26Citation Statements Given

How they've been cited

How they cite others

Affiliations

Publications

Order By: Most citations

Recognizing the Data Type of Firmware Data Segments With Deep Learning

Xiao¹,

Zhu²,

Lu³

et al. 2020

IEEE Access

View full text Add to dashboard Cite

Data segment analysis is of great value for firmware analysis. The data segment contains abundant information such as pointers and strings which is helpful for accelerating the process of code segment analysis. In this paper, we propose a novel approach of applying deep learning to solve the problem of data type identification in data segments, that is a fundamental problem in data segment analysis. We define 3 data types of data segment, then design several data segment byte feature extraction methods to construct feature sequences, and finally present a deep learning-based approach with feature sequences as input to recognize the data type byte by byte. Then, the recognized type can be further corrected efficiently by prior knowledge. Based on the data segment of a firmware, we built a dataset that included 18,032,352 samples (in bytes of data segment). We implement a prototype system and evaluate it with our dataset, then determine reasonable models and hyperparameters through several experiments, and eventually confirm that deep learning techniques are suitable for identifying the data type in data segment. Kappa coefficient of our data type recognition reached 0.96 and the models can be retained quickly. Using 131,072 samples in our dataset for 32 seconds of training, the accuracy can reach 90%; the accuracy can reach 97% with 273 seconds of training and 950,272 samples. Furthermore, our approach has higher accuracy than IDA in string recognition. In experiments, the recall and precision of our approach reached 96.5% and 90% respectively, whereas corresponding results of IDA is 92.9% and 85.7%. In addition, we selected 8 open source software to compile and test, and compared the detection results with TypeMiner. Experiments show that our method has certain cross-platform and operating system capabilities, and performs better than TypeMiner on some software.INDEX TERMS Reverse engineering, binary analysis, data segment, data type recognition, deep learning.

show abstract

Applying Binary Patch Comparison to Cisco IOS

Sun¹,

Liu²,

Xiao³

et al. 2017

View full text Add to dashboard Cite

The hardware modeling and analysis techniques based on Kripke structure

Xiao¹,

Zhu²,

Liu³

et al. 2015

View full text Add to dashboard Cite

This paper focuses on two aspects. One is the modeling method of hardware function based on Kripke structure. The other is the hardware design specification formal description method which based on temporal logic CTL. In order to design a hardware modeling method which based on Kripke Structure, Hardware implementation process and behavioral characteristics modeling method were studied deeply. Paper present the basic ideas and realize principles of the hardware Trojan detected by a model test method.

show abstract

A Patch Analysis Method Based on Multi-firmware Comparison

Xiao¹,

Zhu²,

Hu³

et al. 2021

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Ruiqing Xiao

Recognizing the Data Type of Firmware Data Segments With Deep Learning

Applying Binary Patch Comparison to Cisco IOS

The hardware modeling and analysis techniques based on Kripke structure

A Patch Analysis Method Based on Multi-firmware Comparison

Contact Info

Product

Resources

About