scholarly journals Cutting Through the Complexity of Reverse Engineering Embedded Devices

2021 ◽  
pp. 360-389
Author(s):  
Sam L. Thomas ◽  
Jan Van den Herrewegen ◽  
Georgios Vasilakis ◽  
Zitai Chen ◽  
Mihai Ordean ◽  
...  
Keyword(s):  
Reverse Engineering ◽  
Feedback Loop ◽  
Security Analysis ◽  
Tool Support ◽  
End User ◽  
High Confidence ◽  
Embedded Devices ◽  
Instruction Sets ◽  
Dynamic Analyses ◽  
4G Lte

Performing security analysis of embedded devices is a challenging task. They present many difficulties not usually found when analyzing commodity systems: undocumented peripherals, esoteric instruction sets, and limited tool support. Thus, a significant amount of reverse engineering is almost always required to analyze such devices. In this paper, we present Incision, an architecture and operating-system agnostic reverse engineering framework. Incision tackles the problem of reducing the upfront effort to analyze complex end-user devices. It combines static and dynamic analyses in a feedback loop, enabling information from each to be used in tandem to improve our overall understanding of the firmware analyzed. We use Incision to analyze a variety of devices and firmware. Our evaluation spans firmware based on three RTOSes, an automotive ECU, and a 4G/LTE baseband. We demonstrate that Incision does not introduce significant complexity to the standard reverse engineering process and requires little manual effort to use. Moreover, its analyses produce correct results with high confidence and are robust across different OSes and ISAs.

Reconfigurable Instruction-Set Application-Tuning for DSP

2003 ◽  
Vol 12 (03) ◽  
pp. 333-351 ◽  
Author(s):  
B. Mesman ◽  
Q. Zhao ◽  
N. Busa ◽  
K. Leijten-Nowak
Keyword(s):  
Current System ◽  
High Volume ◽  
Tool Support ◽  
Instruction Set ◽  
Instruction Sets ◽  
Application Characteristics ◽  
On Chip ◽  
Application Tuning ◽  
Primary Contribution ◽  
Hardware Efficiency

In current System-on-Chip (SoC) design, the main engineering trade-off concerns hardware efficiency and design effort. Hardware efficiency traditionally regards cost versus performance (in high-volume electronics), but recently energy consumption emerged as a dominant criterion, even in products without batteries. "The" most effective way to increase HW efficiency is to exploit application characteristics in the HW. The traditional way of looking at HW design tends to consider it a time-consuming and tedious task, however. Given the current lack of HW designers, and the pressure of time-to-market, clearly a desire exists to fine-balance the merits and effort of tuning your HW to your application. This paper discusses methods and tool support for HW application-tuning at different levels of granularity. Furthermore we treat several ways of applying reconfigurable HW to allow both silicon reuse and the ability to tune the HW to the application after fabrication. Our main focus is on a methodology for application-tuning the architecture of DSP datapaths. Our primary contribution is on reusing and generalizing this methodology to application-tuning DSP instruction sets, and providing tool support for efficient compilation for these instruction sets. Furthermore, we propose an architecure for a reconfigurable instruction-decoder, enabling application-tuning of the instruction-set after fabrication.

Improving Tool Support for Software Reverse Engineering in a Security Context

2013 ◽  
pp. 113-122 ◽  
Author(s):  
Brendan Cleary ◽  
Christoph Treude ◽  
Fernando Figueira Filho ◽  
Margaret-Anne Storey ◽  
Martin Salois
Keyword(s):  
Reverse Engineering ◽  
Tool Support ◽  
Security Context ◽  
Software Reverse Engineering

Survey and Analysis of Current End-user Data Analytics Tool Support

2019 ◽  
pp. 1-1
Author(s):  
Hourieh Khalajzadeh ◽  
Mohamed Abdelrazek ◽  
John Grundy ◽  
John G. Hosking ◽  
Qiang He
Keyword(s):  
Data Analytics ◽  
Tool Support ◽  
End User ◽  
User Data

scholarly journals LiPLike: towards gene regulatory network predictions of high certainty

2020 ◽  
Vol 36 (8) ◽  
pp. 2522-2529
Author(s):  
Rasmus Magnusson ◽  
Mika Gustafsson
Keyword(s):  
Gene Regulation ◽  
Reverse Engineering ◽  
False Positive ◽  
Profile Likelihood ◽  
Expression Patterns ◽  
Regulatory Elements ◽  
Biological Data ◽  
Supplementary Information ◽  
High Confidence ◽  
Gene Regulatory

Abstract Motivation High correlation in expression between regulatory elements is a persistent obstacle for the reverse-engineering of gene regulatory networks. If two potential regulators have matching expression patterns, it becomes challenging to differentiate between them, thus increasing the risk of false positive identifications. Results To allow for gene regulation predictions of high confidence, we propose a novel method, the Linear Profile Likelihood (LiPLike), that assumes a regression model and iteratively searches for interactions that cannot be replaced by a linear combination of other predictors. To compare the performance of LiPLike with other available inference methods, we benchmarked LiPLike using three independent datasets from the Dialogue on Reverse Engineering Assessment and Methods 5 (DREAM5) network inference challenge. We found that LiPLike could be used to stratify predictions of other inference tools, and when applied to the predictions of DREAM5 participants, we observed an average improvement in accuracy of >140% compared to individual methods. Furthermore, LiPLike was able to independently predict networks better than all DREAM5 participants when applied to biological data. When predicting the Escherichia coli network, LiPLike had an accuracy of 0.38 for the top-ranked 100 interactions, whereas the corresponding DREAM5 consensus model yielded an accuracy of 0.11. Availability and implementation We made LiPLike available to the community as a Python toolbox, available at https://gitlab.com/Gustafsson-lab/liplike. We believe that LiPLike will be used for high confidence predictions in studies where individual model interactions are of high importance, and to remove false positive predictions made by other state-of-the-art gene–gene regulation prediction tools. Supplementary information Supplementary data are available at Bioinformatics online.

End-User-Oriented Tool Support for Modeling Data Analytics Requirements

2020 ◽  
Author(s):  
Hourieh Khalajzadeh ◽  
Andrew J. Simmons ◽  
Mohamed Abdelrazek ◽  
John Grundy ◽  
John Hosking ◽  
...  
Keyword(s):  
Data Analytics ◽  
Tool Support ◽  
End User ◽  
Modeling Data

A Survey of Current End-User Data Analytics Tool Support

2018 ◽  
Author(s):  
Hourieh Khalajzadeh ◽  
Mohamed Abdelrazek ◽  
John Grundy ◽  
John Hosking ◽  
Qiang He
Keyword(s):  
Data Analytics ◽  
Tool Support ◽  
End User ◽  
User Data

Security Analysis of Handover Key Management in 4G LTE/SAE Networks

2014 ◽  
Vol 13 (2) ◽  
pp. 457-468 ◽  
Author(s):  
Chan-Kyu Han ◽  
Hyoung-Kee Choi
Keyword(s):  
Key Management ◽  
Security Analysis ◽  
4G Lte

An Efficient Stream Cipher WG-16 and its Application for Securing 4G-LTE Networks

2014 ◽  
Vol 490-491 ◽  
pp. 1436-1450 ◽  
Author(s):  
Xin Xin Fan ◽  
Teng Wu ◽  
Guang Gong
Keyword(s):  
Stream Cipher ◽  
Security Analysis ◽  
Experimental Results ◽  
Fourth Generation ◽  
Mobile Users ◽  
Mobile Telecommunications ◽  
Lte Networks ◽  
Detailed Specification ◽  
4G Lte ◽  
4G Lte Networks

The fourth generation of mobile telecommunications system (marketed as 4G-LTE) is being commercially and widely deployed. Security mechanisms are crucial to protect communications of mobile users from potential malicious attacks as well as to ensure revenue for 4G-LTE network operators. The randomness properties of the keystream generated by the current cipher suites in 4G-LTE standard are difficult to analyze and some vulnerabilities with regard to the integrity algorithms have been recently discovered. To address those issues, we present a detailed specification and security analysis of a bit-oriented stream cipher WG-16 as well as the corresponding confidentiality and integrity algorithms in this paper. Our experimental results on smartphones and comparisons with the cipher suites in 4G-LTE standard demonstrate that WG-16 is a competitive candidate for securing the emerging 4G-LTE networks.

scholarly journals The Uncertainty of Side-channel Analysis: A Way to Leverage from Heuristics

2021 ◽  
Vol 17 (3) ◽  
pp. 1-27
Author(s):  
Unai Rioja ◽  
Servio Paguada ◽  
Lejla Batina ◽  
Igor Armendariz
Keyword(s):  
Six Sigma ◽  
Security Analysis ◽  
Side Channel ◽  
Security Analysts ◽  
Embedded Devices ◽  
Side Channel Analysis ◽  
Analysis Process ◽  
Channel Analysis ◽  
Optimal Values ◽  
Six Sigma Methodology

Performing a comprehensive side-channel analysis evaluation of small embedded devices is a process known for its variability and complexity. In real-world experimental setups, the results are largely influenced by a huge amount of parameters, some of which are not easily adjusted without trial and error and are heavily relying on the experience of professional security analysts. In this article, we advocate the usage of an existing statistical methodology called Six Sigma (6 ) for side-channel analysis optimization. This well-known methodology is commonly used in other industrial fields, such as production and quality engineering, to reduce the variability of industrial processes. We propose a customized Six Sigma methodology, which allows even a less-experienced security analysis to select optimal values for the different variables that are critical for the side-channel analysis procedure. Moreover, we show how our methodology helps in improving different phases in the side-channel analysis process.

Sign in / Sign up

Export Citation Format

Share Document