One size does not fit all: security hardening of MIPS embedded systems via static binary debloating for shared libraries

Zhang, Haotian; Ren, Mengfei; Lei, Yu; Jiang, Ming

doi:10.1145/3503222.3507768

Cited by 10 publications

(5 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Similarly, Cui et al [57] propose ABSR as an early conceptual ideal firmware codedebloating technique achieved via binary-patching and binaryrewriting. Recently, Zhang et al [80] presented µTrimmer, a system to identify and remove unused basic blocks from binary code of shared libraries and tools. The authors implemented µTrimmer for the MIPS architecture (a very common one for IoT devices), and tested its effectiveness on SPEC CPU2017 benchmarks, popular firmware applications (e.g.,…”

Section: A Retrofitting Patching and Hardening For Securitymentioning

confidence: 99%

See 1 more Smart Citation

HALE-IoT: Hardening Legacy Internet of Things Devices by Retrofitting Defensive Firmware Modifications and Implants

Carrillo-Mondéjar

Turtiainen²,

Costin³

et al. 2023

IEEE Internet Things J.

View full text Add to dashboard Cite

Internet-Of-Things (IoT) devices and their firmware are notorious for their lifelong vulnerabilities. As device infection increases, vendors also fail to release patches at a competitive pace. Despite security in IoT being an active area of research, prior work has mainly focused on vulnerability detection and exploitation, threat modelling, and protocol security. However, these methods are ineffective in preventing attacks against legacy and End-Of-Life devices that are already vulnerable. Current research mainly focuses on implementing and demonstrating the potential of malicious modifications. Hardening emerges as an effective solution to provide IoT devices with an additional layer of defense.In this paper, we bridge these gaps through the design of HALE-IoT, a generically applicable systematic approach to HArdening LEgacy IoT non-low-end devices by retrofitting defensive firmware modifications without access to the original source code. HALE-IoT approaches this non-trivial task via binary firmware reversing and modification while being underpinned by a semi-automated toolset that aims to keep cybersecurity of such devices in a hale state. Our focus is on both modern and, especially, legacy or obsolete IoT devices as they become increasingly prevalent. To evaluate the effectiveness and efficiency of HALE-IoT, we apply it to a wide range of IoT devices by retrofitting 395 firmware images with defensive implants containing an intrusion prevention system in the form of a Web Application Firewall (for prevention of web-attack vectors), and an HTTPS-proxy (for latest and full end-to-end HTTPS support) using emulation. We also test our approach on four physical devices, where we show that HALE-IoT successfully runs on protected and quite constrained devices with as low as 32MB of RAM and 8MB of storage. Overall, in our evaluation, we achieve good performance and reliability with a remarkably accurate detection and prevention rate for attacks coming from both real CVEs and synthetic exploits.

show abstract

Section: A Retrofitting Patching and Hardening For Securitymentioning

confidence: 99%

“…[57] Proposes ABSR, a technique to disable unused firmware features and remove unused binary files. [80] Introduces a system to identify and remove unused basic blocks from the binary code of shared libraries. [81] Designs WebDroid, a framework for building secure embedded web interfaces.…”

Section: Categorymentioning

confidence: 99%

HALE-IoT: Hardening Legacy Internet of Things Devices by Retrofitting Defensive Firmware Modifications and Implants

Carrillo-Mondéjar

Turtiainen²,

Costin³

et al. 2023

IEEE Internet Things J.

View full text Add to dashboard Cite

show abstract

“…Software debloating is currently emerging as a widely adopted technique for security hardening by reducing attack surfaces in code -removing unused pieces of code. µTrimmer [44], designed for MIPS firmware, eliminates unwanted basic blocks in shared libraries. JSLIM [42] is another debloating framework to remove dead code and code containing vulnerabilities in JavaScript applications.…”

Section: B Code-based Debloatingmentioning

confidence: 99%

IOSPReD: I/O Specialized Packaging of Reduced Datasets and Data-Intensive Applications for Efficient Reproducibility

et al. 2023

View full text Add to dashboard Cite

The data generated by large scale scientific systems such as NASA's Earth Observing System Data and Information System is expected to increase substantially. Consequently, applications processing these huge volumes of data suffer from lack of storage space at the execution site. This poses a critical challenge while sharing data and reproducing application executions w.r.t. specific user inputs in dataintensive applications. To address this issue, we propose IOSPReD (I/O Specialized Packaging of Reduced Datasets), a data-based debloating framework, designed to automatically track and package only necessary chunks of data (along with the application) in a container. IOSPReD uses the specific inputs provided by the user to identify the necessary data chunks. To do so, the high level user inputs are mapped down to low level data file offsets. We evaluate IOSPReD on different realistic NASA datasets to assess (i) the amount of data reduction, (ii) the reproducibility of results across multiple application executions and also (iii) the impact on performance.

show abstract

“…Code generated by static translation methods usually exhibits high-quality and high-execution efficiency. However, static translation methods require an independent interpreter to execute the statically translated code blocks and cannot address the issues of self-modifying code, code mining, and precise interruptions [5][6][7][8][9][10]. Dynamic translation methods translate and execute the target code at the same time, and the translation activity occupies the program's execution time.…”

Section: Overviewmentioning

confidence: 99%

A Dynamic and Static Binary Translation Method Based on Branch Prediction

Sun,

Wu,

et al. 2023

Electronics

View full text Add to dashboard Cite

Binary translation is an important technique for achieving cross-architecture software migration. However, mainstream dynamic binary translation frameworks, such as QEMU, often generate a large amount of redundant code, which degrades the efficiency of the target code. To this end, we propose a dynamic–static binary translation method based on branch prediction. It first identifies parts of translation blocks following static branch prediction techniques. Then it translates these translation blocks into less-redundant native code blocks by canonical static translation algorithms. Finally, it executes all code blocks that are translated either statically or dynamically by correctly maintaining and switching their running contexts. In order to correctly weave the two types of translation activities, the proposed method only translates the next translation block that is data-independent from the current one by the active variable analysis algorithm, and records and shares the intermediate states of the dynamic and static translation activities via a carefully designed data structure. In particular, a shadow register-based context recovery mechanism is proposed to correctly record the running context of static translation blocks, and to correctly recover the context for dynamically translating and running blocks that were not statically translated. We also designed an adaptive memory optimization mechanism to dynamically release the memory of the mispredicted translation blocks. We implemented a dynamic–static binary translation framework by extending QEMU, called BP-QEMU (QEMU with branch prediction). We evaluated the translation correctness of BP-QEMU using the testing programs for the ARM and PPC instruction sets from QEMU, and evaluated the performance of BP-QEMU using the CoreMark benchmark code. The experimental results show that BP-QEMU can translate the instructions from the ARM and PPC architectures correctly; moreover, the average execution efficiency of the CoreMark code on BP-QEMU improves by 13.3% compared to that of QEMU.

show abstract

One size does not fit all: security hardening of MIPS embedded systems via static binary debloating for shared libraries

Cited by 10 publications

References 45 publications

HALE-IoT: Hardening Legacy Internet of Things Devices by Retrofitting Defensive Firmware Modifications and Implants

HALE-IoT: Hardening Legacy Internet of Things Devices by Retrofitting Defensive Firmware Modifications and Implants

IOSPReD: I/O Specialized Packaging of Reduced Datasets and Data-Intensive Applications for Efficient Reproducibility

A Dynamic and Static Binary Translation Method Based on Branch Prediction

Contact Info

Product

Resources

About