Scalable Graph-based Bug Search for Firmware Images

Explore a conference talk from CCS 2016 that presents a scalable graph-based approach for bug searching in firmware images. Learn about the challenges of finding vulnerabilities in IoT devices and the innovative solution proposed by researchers from Syracuse University. Discover how raw feature extraction, feature learning, and high-level feature encoding contribute to efficient bug detection. Examine the evaluation process, including datasets, baseline comparisons, true positive rates, ROC curves, search efficiency, and scalability. Gain insights into the preparation time and comparative analysis with other methods. Conclude with a case study that demonstrates the practical application of this cutting-edge technique in enhancing IoT device security.

Intro
Finding vulnerabilities in loT devices is more crucial than ever!
Search for known vulnerabilities
Pair-wise graph matching is expensive!
A similar problem
We don't compare images one by one
Our approach
Raw feature extraction
Feature learning
High-level feature encoding
Evaluating
Evaluation: Datasets
Evaluation: Baseline Comparison
Evaluation: True Positive Rate
Evaluation: ROC curves
Evaluation: Search Efficiency
Evaluation: Search Scalability
Evaluation: Preparation Time
Evaluation: Compare with Multi-MH/Multi-k-MH
Evaluation: Case Study II
Conclusion