Annual Computer Security Applications Conference 2020
DOI: 10.1145/3427228.3427280
|View full text |Cite
|
Sign up to set email alerts
|

Device-agnostic Firmware Execution is Possible: A Concolic Execution Approach for Peripheral Emulation

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
37
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
5
3

Relationship

1
7

Authors

Journals

citations
Cited by 43 publications
(37 citation statements)
references
References 31 publications
0
37
0
Order By: Relevance
“…The literature lacks a formal definition of rehosting fidelity and no large-scale fidelity evaluations have been conducted to date. However, individual rehosting techniques have been evaluated by measuring if systems accept network connections [10], collecting and comparing peripheral interactions [49], and comparing the similarity of instruction traces [8].…”
Section: Evaluating Fidelitymentioning
confidence: 99%
See 2 more Smart Citations
“…The literature lacks a formal definition of rehosting fidelity and no large-scale fidelity evaluations have been conducted to date. However, individual rehosting techniques have been evaluated by measuring if systems accept network connections [10], collecting and comparing peripheral interactions [49], and comparing the similarity of instruction traces [8].…”
Section: Evaluating Fidelitymentioning
confidence: 99%
“…A critical, yet challenging, component of building a high-fidelity VE is generating an accurate model of all the peripherals with which the firmware will interact. Between the early drafts of this paper in 2018 and our current submission, researchers have started down the path to automated peripheral modeling we describe here (in particular, Pretender [36], and Laelaps [8]). We find it encouraging that the research community has begun to realize the importance of automated emulation of embedded devices, but stress that open problems remain formidable.…”
Section: Handling Peripheralsmentioning
confidence: 99%
See 1 more Smart Citation
“…PRETENDER [28] "learns" the interaction model between the original hardware and the firmware, and automatically creates models of peripherals. Laelaps [13] addresses a similar problem using symbolic execution. HALucinator [16] avoids the problem of peripheral emulation by replacing the high-level HAL function with a host implementation.…”
Section: B Generic Firmware Emulationmentioning
confidence: 99%
“…Symdrive [35] aims to discover vulnerabilities in drivers and makes device input to the driver symbolic thereby allowing execution on the complete range of device inputs. Laelaps [17] infers the expected behavior of firmware via symbolicexecution-assisted peripheral emulation and generates proper inputs to steer concrete execution on the fly. Model-based Emulation.…”
Section: Full Emulationmentioning
confidence: 99%