Cross-architecture automatic detection method and system for third-party components and security risks related to firmware in internet of things devices thereof

Abstract

The invention discloses a cross-architecture automated detection method and system for third-party components and security risks, comprising: identify and reverse the firmware of the IoT device, classify the resulting reverse products into binary and non-binary files; disassemble binary files to mine the semantic information in them; convert non-binary files into string text files; build a database containing third-party components and their known CVE; combine pattern matching to scan string text files automatically, collect third-party components in the firmware of IoT device, and collect and retrieve vulnerabilities of corresponding third-party components. Through organically combining the semantic information of the vulnerability assembly code and the semantic information of the firmware assembly code of IoT device, the similarity comparison across architectures and deep learning is realized, and the specific pattern vulnerability is mined and verified automatically. The invention does not require the acquisition of firmware source code, the detection process is automated, greatly reducing the difficulty and workload of manual analysis.

CPC Classifications