Research on Security Detection Technology for Internet of Things Terminal Based on Firmware Code Genes

Abstract

Internet of Things (IoT) terminals have firmware with heterogeneous, closed-source, and heavy business but light security characteristics, whereas on the edge, there are limited resources and a high code reuse rate. Once there are security risks at the firmware level, these risks are difficult to detect and discover, and the resulting impact quickly spreads over a wide range. Therefore, a similarity and homology analysis of firmware codes in an IoT terminal will be helpful for further research on firmware malicious code detection, vulnerability mining, backdoor discovery and copyright protection. Inspired by biological genes, this paper attempts to break away from the traditional feature-centered approach and focuses on code classification and the qualitative description of code features to discuss the idea of code similarity and homology analysis. Additionally, the proposed approach is information-centric, focusing on the informativeness (essentiality, stability, antivariability, and heritability) of the firmware code genes and the quantitative analysis of firmware code similarity and homology by discussing common methods and mechanisms. This paper presents security detection technology for IoT terminal firmware by measuring the gene distance between the codes. A prototype firmware security detection system (FSDS) for IoT terminals based on firmware code genes is designed and implemented. The experimental results show that this method has a good search matching effect and has certain advantages over traditional firmware security detection methods based on similarity theory.