Firmware Fuzzy Test System Oriented to New Generation Firmware Interface Standard

doi:10.3969/j.issn.1000-3428.2014.07.057

Computer Engineering

Previous Articles Next Articles

Firmware Fuzzy Test System Oriented to New Generation Firmware Interface Standard

MA Jia-min¹, PAN Li ¹, YAO Jie-wen ²

(1. Department of Electronic Engineering, School of Electronic Information and Electric Engineering, Shanghai Jiaotong University, Shanghai 200240, China; 2. Intel Asia-pacific Research and Development Ltd., Shanghai 200336, China)

Received:2013-06-20 Online:2014-07-15 Published:2014-07-14

面向新一代固件接口标准的固件模糊测试系统

马佳敏¹，潘理¹，姚颉文²

(1. 上海交通大学电子信息与电气工程学院电子工程系，上海 200240；2. Intel亚太研发有限公司，上海 200336)?

作者简介:马佳敏(1989－)，男，硕士研究生，主研方向：访问控制，系统软件测试；潘理，副教授、博士生导师；姚颉文，工程师。
基金资助:
国家自然科学基金资助项目(60903191)；上海市自然科学基金资助项目(11ZR1418500)；上海市优秀技术带头人计划基金资助项目(13XD1425100)。

Abstract

Abstract: With the increase of code vulnerabilities in Unified Extensible Firmware Interface(UEFI) firmware and the lack of effective vulnerability detection systems, this paper develops a fuzzy test system for UEFI firmware. It applies fuzzy test technique to UEFI firmware vulnerability detection. The system reuses test framework of Self Certification Test(SCT) system, generates test data through a special subsystem to ensure the quality and provides APIs for creating test cases. Also, the vulnerability detection capability of the system is revealed through real security vulnerability in UEFI firmware. Experimental results show that, test cases can be written more easily but with 15% higher code coverage than the SCT system based on this system, which ensures the ability to detect deep, high risk security vulnerabilities.

Key words: Unified Extensible Firmware Interface(UEFI), fuzzy test, firmware, code coverage rate, vulnerability detection, Basic Input Output System(BIOS)

摘要： 针对当前统一可扩展固件接口(UEFI)固件漏洞大幅增多，且缺乏高效漏洞检测系统的问题，提出面向UEFI固件的模糊测试系统，采用模糊测试技术检测固件漏洞。该系统复用了原UEFI下自我认证测试系统的测试框架，同时使用专门的子系统生成高针对性的测试数据，并基于UEFI固件的驱动-协议模型为测试用例提供统一的编程接口。以一个UEFI下实际的固件安全漏洞为例，揭示该系统检测固件安全漏洞的能力。实验结果表明，该模糊测试系统不仅可以简化测试用例的开发，而且编写的测试用例比自我认证测试系统提升了15%的代码覆盖率，能有效应用于UEFI固件深层、高危安全漏洞的检测。

关键词: 统一可扩展固件接口, 模糊测试, 固件, 代码覆盖率, 漏洞检测, 基本输入输出系统

CLC Number:

TP311

MA Jia-min, PAN Li, YAO Jie-wen. Firmware Fuzzy Test System Oriented to New Generation Firmware Interface Standard[J]. Computer Engineering, doi: 10.3969/j.issn.1000-3428.2014.07.057.

马佳敏，潘理，姚颉文. 面向新一代固件接口标准的固件模糊测试系统[J]. 计算机工程, doi: 10.3969/j.issn.1000-3428.2014.07.057.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.3969/j.issn.1000-3428.2014.07.057

http://www.ecice06.com/EN/Y2014/V40/I7/277

References

参考文献 [1] Zimmer V, Rothman M, Marisetty S. Beyond BIOS: Developing with the Unified Extensible Firmware Interface[M]. 2nd ed. [S. l.]: Intel Press, 2010. [2] 周振柳, 计算机固件安全技术[M]. 北京: 清华大学出版社, 2012. [3] 唐艳武, 蒋凡. 上下文相关的软件漏洞模式自动提取方法[J]. 计算机工程, 2010, 36(17): 51-56. [4] Ding Sun, Tan H B K, Liu Kaiping, et al. Detection of Buffer Overflow Vulnerabilities in C/C++ with Pattern Based Limited Symbolic Evaluation[C]//Proc. of the 36th International Conference on Computer Software and Applications. Lzmir, Turkey: [s. n.], 2012: 559-564. [5] Yang Dingning, Zhang Yuqing, Liu Qixu. BlendFuzz: A Model-based Framework for Fuzz Testing Programs with Grammatical Inputs[C]//Proc. of the 11th International Conference on Trust, Security and Privacy in Computing and Communications. Liverpool, UK: [s. n.], 2012: 1070-1076. [6] 李伟明, 张爱芳, 刘建财, 等. 网络协议的自动化模糊测试漏洞挖掘方法[J]. 计算机学报, 2011, 34(2): 242-254. [7] 沈亚楠, 赵荣彩, 王小芹, 等. 基于文件规范描述的文件模糊测试[J]. 计算机工程, 2010, 36(16): 52-53, 59. [8] Liu Zhi, Zhang Xiaosong, Li Xiongda. Proactive Vulnerability Finding via Information Flow Tracing[C]//Proc. of the 2nd International Conference on Multimedia Information Networking and Security. Nanjing, China: Nanjing University, 2010: 481-485. [9] 唐和平, 黄曙光, 张亮. 动态信息流分析的漏洞利用检测系统[J]. 计算机科学, 2010, 37(7): 148-151. [10] 章烨. Fuzz安全测试技术研究[D]. 西安: 西安电子科技大学, 2010. [11] Intel Corporation. EDK II Module Writer’s Guide Revision 0.01[EB/OL]. [2013-06-18]. http://www.intel.com/. [12] 姚颉文, 谢康林, 石永军, 等. 基于EFI驱动-协议模型的自我认证测试系统[J]. 计算机仿真, 2005, 22(7): 75-78. [13] Sutton M, Greene A, Amini P. Fuzzing Brute Force Vulnerability Discovery[M]. [S. l.]: Addison-Wesley, 2006. [14] Intel Corporation. UEFI SCT Case Writers Guide 0.91[EB/OL]. [2013-06-18]. http://www.uefi.org. [15] Intel Corporation. EDK II Lab Setup & NT32 Build[EB/OL]. [2013-06-18]. http://uefidk.intel.com/. [16] Bullseye Testing Technology. BullseyeCoverage Measurement Technique[EB/OL]. [2013-06-18]. http://www.bullseye.com/ measurementTechnique.html. 编辑顾逸斐

Please choose a citation manager

Content to export

Firmware Fuzzy Test System Oriented to New Generation Firmware Interface Standard

面向新一代固件接口标准的固件模糊测试系统

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments

[1]	JIANG Yaguang, CHEN Xi, LI Jianbin, YAN Jingchen, LIU Shuyuan, LI Kunchang. LSTM-based Fuzzy Test Case Generation Method for S7 Protocol [J]. Computer Engineering, 2021, 47(7): 183-188.
[2]	ZHU Xinbing, LI Qingbao, ZHANG Ping, CHEN Zhifeng, GU Yanyang. Security Threat Model for IoT Terminal Firmware with a New Attack Surface [J]. Computer Engineering, 2021, 47(7): 126-134.
[3]	LI Minglei, LU Yuliang, HUANG Hui, ZHU Kailong. Guided Grey-Box Fuzzing Test Method Combining Distance and Weight [J]. Computer Engineering, 2021, 47(3): 147-154.
[4]	WANG Yuxin, GAO Meifeng. An Improved Incremental Update Algorithm for Firmware [J]. Computer Engineering, 2020, 46(10): 210-215.
[5]	ZHANG Wanying, CAO Xiaomei, CHEN Wei. Solution for Environment Interaction Problem in Whitebox Fuzz Testing [J]. Computer Engineering, 2020, 46(1): 216-221.
[6]	LIAO Fangyuan, GAN Zhiwang. Vulnerability Analysis and Detection of Android System Signature [J]. Computer Engineering, 2019, 45(8): 25-30.
[7]	ZHOU Weiping, YANG Weiyong, WANG Xuehua, MAO Bing. Research on Penetration Testing Tool for Industrial Control System [J]. Computer Engineering, 2019, 45(8): 92-101.
[8]	HUANG He, CHEN Jun, DENG Haojiang. Fuzzy Testing Algorithm for Modbus/TCP Based on Recurrent Neural Networks [J]. Computer Engineering, 2019, 45(7): 164-169.
[9]	XIA Zhiyang, YI Ping, YANG Tao. Static Vulnerability Detection Based on Neural Network and Code Similarity [J]. Computer Engineering, 2019, 45(12): 141-146.
[10]	GU Jiateng,XIN Yang. XSS Vulnerability Detection Model Based on Dynamic Analysis [J]. Computer Engineering, 2018, 44(10): 34-41.
[11]	LI Deng,YIN Qing,LIN Jian,Lü Xuefeng. Firmware Vulnerability Detection in Embedded Device Based on Homology Analysis [J]. Computer Engineering, 2017, 43(1): 72-78.
[12]	WU Shaohua,SUN Dan,HU Yong. Web Server Identification Based on Bayesian Theory [J]. Computer Engineering, 2015, 41(7): 190-193,198.
[13]	DU Zhen-long,SHA Guang-xia,LI Xiao-li,SHEN Gang-gang. Customization and Update Research on Capsule Type Firmware Based on UEFI [J]. Computer Engineering, 2014, 40(10): 292-295,303.
[14]	XU Hong-yun, CHEN Zhi-feng. An Improved Visualization Layout Algorithm IGVA [J]. Computer Engineering, 2013, 39(12): 298-302.
[15]	FU Sai-Yuan, LIU Gong-Shen, LI Jian-Hua. Research of Malicious Code Defense Technology Based on UEFI Firmware [J]. Computer Engineering, 2012, 38(9): 117-120.

模态框（Modal）标题

Please choose a citation manager

Content to export

Firmware Fuzzy Test System Oriented to New Generation Firmware Interface Standard

面向新一代固件接口标准的固件模糊测试系统

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments