ARMPatch: A Binary Patching Framework for ARM-based IoT Devices
DOI:
https://doi.org/10.13052/jwe1540-9589.2066
Keywords:
ARMPatch; ARM-based IoT devices; ARM platforms
Abstract
With the rapid advancement of hardware and internet technologies, we are surrounded by more and more Internet of Things (IoT) devices. Despite the convenience and boosted productivity that these devices have brought to our lives and industries, new security implications have arisen. IoT devices bring many new attack vectors, causing an increase in cyber-attacks that target these systems in recent years. However, security vulnerabilities on numerous devices are often not fixed. This may be because providers were not informed in time, have stopped maintaining these models, or simply no longer exist. Even when an official fix for a security issue is finally released, it usually takes a long time. This gives hackers time to exploit vulnerabilities extensively, which in many cases requires customers to disconnect vulnerable devices, leading to outages. As the software is usually closed source, it is also unlikely that the community will review and modify the source code themselves and provide updates. In this study, we present ARMPatch, a flexible static binary patching framework for ARM-based IoT devices, with a focus on security fixes. After identifying the unique challenges of performing binary patching on ARM platforms, we have provided novel features for replacing, modifying, and adding code to already compiled programs. Then, the viability and usefulness of our solution have been verified through demos and final programs on real devices. Finally, we have discussed the current limitations of our approach and future challenges.