参考文献
[1] 吴世忠, 郭涛, 董国伟, 张普含, “软件漏洞分析技术, ”科学出版社, 2014.
[2] Sebastian Vasile, David Oswald, and Tom Chothia, “Breaking All the Things—A Systematic Survey of Firmware Extraction Techniques for IoT Devices,” in Seventeenth Smart Card Research and Advanced Application Conference (CARDIS’18), pp. 171-185, 2018.
[3] “Binwalk,” ReFirm Labs, Inc. https://github.com/ReFirmLabs/ binwalk.
[4] “Firmware Mod Kit,” Bitsum, https://bitsum.com/firmware_mod_ kit.htm.
[5] “Binary Analysis Next Generation (BANG),” https://github.com/ armijnhemel/binaryanalysis-ng.
[6] “Mucking About With SquashFS,” Craig, http://www.devttys0. com/2014/08/mucking-about-with-squashfs/ Aug, 2014
[7] Sam L. Thomas, Flavio D. Garcia, Tom Chothia, “HumIDIFy: A Tool for Hidden Functionality Detection in Firmware,” in International conference on detection of intrusions and malware, and vulnerability assessment(DIMVA’17), pp. 279-300, 2017.
[8] “Ida: About - hex-ray,” https://www.hex-rays.com/products/ida/index.shtml.
[9] Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Audrey Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Kruegel, and Giovanni Vigna, “SoK: (State of) The Art of War: Offensive Techniques in Binary Analysis,” in Proc. of IEEE Symposium on Security and Privacy (S&P’16), pp. 138-157, 2016.
[10] Yan Shoshitaishvili, Ruoyu Wang, Christophe Hauser, Christopher Kruegel, and Giovanni Vigna, “Firmalice-automatic detection of authentication bypass vulnerabilities in binary fifirmware,” in Network and Distributed System Security Symposium (NDSS’15), 2015.
[11] Sam L. Thomas, Tom Chothia, Flavio D. Garcia, "Stringer: Measuring the Importance of Static Data Comparisons to Detect Backdoors and Undocumented Functionality." European Symposium on Research in Computer Security (ESORICS‘17), pp. 513-531, 2017.
[12] Kai Cheng, Qiang Li, Lei Wang, Qian Chen, Yaowen Zheng, Limin Sun, and Zhenkai Liang, “DTaint: Detecting the Taint-Style Vulnerability in Embedded Device Firmware,” in IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’18), pp. 430-441, 2018.
[13] Lucian Cojocar, Jonas Zaddach, Roel Verdult, Herbert Bos, Auré-lien Francillon, and Davide Balzarotti, “PIE: Parser identifification in embedded systems,” in Annual Computer Security Applications Conference (ACSAC’15), 2015.
[14] Yaowen Zheng, Kai Cheng, Zhi Li, Shiran Pan, Hongsong Zhu and Limin Sun, “A Lightweight Method for Accelerating Discovery ofTaint-Style Vulnerabilities in Embedded Systems,” in International Conference on Information and Communication Security(ICICS’16), pp. 27-36, 2016.
扫一扫
7077
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
