![]() |
![]() |
University of Birmingham > Talks@bham > Computer Security Seminars > BackScan: Backdoor Detection via Functionality Profiling
BackScan: Backdoor Detection via Functionality ProfilingAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Gurchetan Grewal. This paper presents a hybrid approach to detect anomalous executables—potentially containing additional functionality backdoors—within the firmware of consumer off-the-shelf (COTS) embedded devices. A classifier derived from supervised learning is used to infer what kind of functionality a given executable has. This is then used to drive targeted static analysis passes which ascertain whether this executable conforms to its expected functionality profile. We have developed a new domain specific language, called Binary Functionality Description Language (BFDL), which encodes the static analysis passes to define different said functionality profiles. Finally, for firmware that contains anomalous executables, we build a profile by statically enumerating the possible services running on the corresponding device in order to check whether the anomalous executable is actually being executed. BackScan achieves an excellent classification of executable categories with virtually zero false positives for common services. Additionally, it identifies various new and existing backdoors within firmware from different vendors. It also manages to pinpoint specific areas within the firmware which exhibit suspicious behaviour such that it can be further analysed by an expert. This talk is part of the Computer Security Seminars series. This talk is included in these lists:
Note that ex-directory lists are not shown. |
Other listsBeverley Glover Type the title of a new list here Type the title of a new list hereOther talksKolmogorov-Smirnov type testing for structural breaks: A new adjusted-range based self-normalization approach TBA TBA TBA Ultrafast Spectroscopy and Microscopy as probes of Energy Materials Quantifying the economic and environmental effects of the RCEP |