Faster and Better: Detecting Vulnerabilities in Linux-based IoT Firmware with Optimized Reaching Definition Analysis
Zicong Gao
Network and Distributed System Security (NDSS) Symposium 2024 · Day 3 · IoT & Firmware
The proliferation of **Internet of Things (IoT)** devices has introduced unparalleled convenience but concurrently escalated security risks. A significant portion of these risks stems from **taint-style attacks**, where untrusted external inputs can flow into sensitive operations within device **firmware**, leading to severe consequences such as data breaches or device compromise. With up to one billion IoT devices reportedly attacked in 2021, and firmware often being closed-source and difficult to update, the urgency for robust vulnerability detection mechanisms is paramount. While **fuzzing** is a powerful technique for finding software vulnerabilities, its application to IoT firmware is hampered by hardware dependencies and low success rates in **rehosting**, as evidenced by state-of-the-art solutions like FirmAE emulating only 79% of network services.
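As an added illustration of the taint-style flow described above (this is not the paper's analysis or code), the following toy reaching-definitions pass runs over a constructed three-address IR and reports when a definition rooted in an untrusted-input call reaches a sensitive call on some path. The IR shape, the source/sink vocabulary and the CGI-style handler are all assumptions made for the example.

```python
from collections import defaultdict

SOURCES = {"getenv", "recv", "nvram_get"}   # assumed calls that yield untrusted input
SINKS = {"system", "popen"}                 # assumed sensitive operations

def reaching_defs(blocks, succs):
    """IN[b] = union OUT[p]; OUT[b] = gen | (IN - kill). A def is (block, index)."""
    in_sets = {b: defaultdict(set) for b in blocks}
    def transfer(b):
        out = {v: set(ds) for v, ds in in_sets[b].items()}
        for i, (dst, _op, _args) in enumerate(blocks[b]):
            if dst is not None:
                out[dst] = {(b, i)}          # this def kills every earlier def of dst
        return out
    work = list(blocks)
    while work:                              # worklist iteration to a fixpoint
        b = work.pop()
        out = transfer(b)
        for s in succs.get(b, []):
            for v, ds in out.items():
                if not ds <= in_sets[s][v]:
                    in_sets[s][v] |= ds
                    if s not in work:
                        work.append(s)
    return in_sets

def find_taint_flows(blocks, succs):
    """A def is tainted if it calls a SOURCE or reads a tainted reaching def.
    Returns sorted (block, index, sink, operand) for sink operands reached by taint."""
    in_sets = reaching_defs(blocks, succs)
    tainted, findings, changed = set(), set(), True
    while changed:                           # taint only grows, so this terminates
        changed = False
        for b, instrs in blocks.items():
            cur = {v: set(ds) for v, ds in in_sets[b].items()}
            for i, (dst, op, args) in enumerate(instrs):
                bad = [a for a in args if cur.get(a, set()) & tainted]
                if op in SINKS:
                    findings.update((b, i, op, a) for a in bad)
                if dst is not None:
                    if (op in SOURCES or bad) and (b, i) not in tainted:
                        tainted.add((b, i)); changed = True
                    cur[dst] = {(b, i)}
    return sorted(findings)

# Constructed CGI-style handler: only the "sanitize" block replaces %cmd with a constant.
BLOCKS = {"entry": [("%q", "getenv", ["QUERY_STRING"]), ("%cmd", "concat", ["ping ", "%q"])],
          "sanitize": [("%cmd", "const", ["ping 127.0.0.1"])],
          "join": [(None, "system", ["%cmd"])]}
UNSAFE_SUCCS = {"entry": ["sanitize", "join"], "sanitize": ["join"]}  # a bypass path exists
SAFE_SUCCS = {"entry": ["sanitize"], "sanitize": ["join"]}            # every path sanitizes
```

Because reaching definitions are path-insensitive, the unsafe CFG is flagged as soon as any path carries the untrusted definition of `%cmd` to `system`, while the CFG where every path passes through `sanitize` yields no finding.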