SaTC: STARSS: Small: Domain Informed Techniques for Detecting and Defending Against Malicious Firmware

SaTC：STARSS：小型：用于检测和防御恶意固件的领域知情技术

• 批准号: 1815883
• 负责人: Kevin Butler
• 金额: $ 33.33万
• 依托单位: University of Florida
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-08-15 至 2022-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1815883&HistoricalAwards=false
• 关键词: SaTC; STARSS; Small; Domain; Informed

Embedded systems play a large role in our daily lives. They are found in everything from computers and consumer electronics to appliances and automobiles, and represent a market estimated to be worth almost $160 billion. Many of them, however, use inexpensive microcontrollers that cannot easily be analyzed, so it is unclear how well they operate in practice. This work seeks improve the safety and security of these systems by developing techniques to analyze their firmware, particularly with regards to the popular Universal Serial Bus (USB) and Bluetooth protocols.This project will involve development of a platform for allowing firmware analysis of these common but overlooked microcontroller architectures. The goal is to validate the security of critical communications on these embedded devices. The project builds on three research thrusts: 1) Formal modeling of the USB and Bluetooth protocols and their sub-classes and automatic exploration of possible attack scenarios, 2) A firmware analysis framework with a novel query language and an analysis back-end, 3) A dynamic enforcement infrastructure that allows runtime vetting of devices prior to allowing machines to use them. This project will create techniques and systems that can be broadly deployed in consumer, enterprise, government and military environments. The lessons learned from building frameworks in the USB and Bluetooth environments can serve as a larger goal towards developing integrity frameworks for general-purpose embedded and internet-of-things (IoT) environments. The products of this project will be maintained for at least the duration of the project. Data and code from this project will be stored on the website www.firmware-analysis.org.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

嵌入式系统在我们的日常生活中扮演着重要的角色。从计算机和消费电子产品到家用电器和汽车，它们无处不在，并且代表了一个估计价值近1600亿美元的市场。然而，它们中的许多使用便宜的微控制器，不易分析，因此尚不清楚它们在实践中的运行情况。该项目旨在通过开发技术来分析这些系统的固件，特别是关于流行的通用串行总线（USB）和蓝牙协议，以提高这些系统的安全性和可靠性。该项目将涉及开发一个平台，用于对这些常见但被忽视的微控制器架构进行固件分析。目标是验证这些嵌入式设备上关键通信的安全性。该项目建立在三个研究重点之上：1）USB和蓝牙协议及其子类的形式化建模，以及对可能的攻击场景的自动探索，2）具有新颖查询语言和分析后端的固件分析框架，3）允许在允许机器使用设备之前对设备进行运行时审查的动态执行基础设施。 该项目将创建可广泛部署在消费者、企业、政府和军事环境中的技术和系统。在USB和蓝牙环境中构建框架的经验教训可以作为一个更大的目标，为通用嵌入式和物联网（IoT）环境开发完整性框架。 本项目的产品将至少在项目期间得到维护。该项目的数据和代码将存储在网站www.firmware-analysis.org上。该奖项反映了NSF的法定使命，并被认为值得通过使用基金会的知识价值和更广泛的影响审查标准进行评估来支持。

项目成果

ENCIDER: Detecting Timing and Cache Side Channels in SGX Enclaves and Cryptographic APIs

• DOI: 10.1109/tdsc.2022.3160346
• 发表时间: 2023-03
• 期刊: IEEE Transactions on Dependable and Secure Computing
• 影响因子: 7.3
• 作者: Tuba Yavuz;Farhaan Fowze;Grant Hernandez;K. Bai;Kevin R. B. Butler;D. Tian

Analyzing system software components using API model guided symbolic execution

使用 API 模型引导的符号执行分析系统软件组件

• DOI: 10.1007/s10515-020-00276-5
• 发表时间: 2020
• 期刊: Automated Software Engineering
• 影响因子: 3.4
• 作者: Yavuz, Tuba;Bai, Ken
• 通讯作者: Bai, Ken

BigMAC: Fine-Grained Policy Analysis of Android Firmware

BigMAC：Android 固件的细粒度策略分析

• 发表时间: 2020
• 期刊: 29th USENIX Security Symposium (USENIX Security'20
• 作者: Hernandez, Grant;Tian, Dave Jing;Yadav, Anurag Swarnim;Williams, Byron J.;Butler, Kevin R.B.
• 通讯作者: Butler, Kevin R.B.

ProXray: Protocol Model Learning and Guided Firmware Analysis

• DOI: 10.1109/tse.2019.2939526
• 发表时间: 2019-09
• 期刊: IEEE Transactions on Software Engineering
• 影响因子: 7.4
• 作者: Farhaan Fowze;D. Tian;Grant Hernandez;Kevin R. B. Butler;Tuba Yavuz

FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware

• DOI: 10.14722/ndss.2022.23136
• 发表时间: 2022
• 期刊: Proceedings 2022 Network and Distributed System Security Symposium
• 作者: Grant Hernandez;Marius Muench;D. Maier;A. Milburn;Shinjo Park;Tobias Scharnowski;Tyler Tucker;Patrick Traynor;Kevin R. B. Butler