کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
456228 695676 2016 10 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
Determining image base of firmware for ARM devices by matching literal pools
ترجمه فارسی عنوان
بررسی پایه تصویر سیستم عامل برای دستگاه های ARM با تطبیق استخر تحت اللفظی
کلمات کلیدی
پایه تصویر؛ استخر تحت اللفظی؛ مهندسی معکوس؛ سیستم عامل؛ ARM
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر شبکه های کامپیوتری و ارتباطات
چکیده انگلیسی

In the field of reverse engineering, the correct image base of firmware has very important significance for the reverse engineers to understand the firmware by building accurate cross references. Furthermore, patching firmware needs to insert some instructions that references absolute addresses depending on the correct image base. However, for a large number of embedded system firmwares, the format is nonstandard and the image base is unknown. In this paper, we present a two-step method to determine the image base of firmwares for ARM-based devices. First, based on the storage characteristic of string in the firmware files and the encoding feature of literal pools that contain string addresses, we propose an algorithm called FIND-LP to recognize all possible literal pools in firmware. Second, we propose an algorithm called Determining image Base by Matching Literal Pools (DBMLP) to determine the image base. DBMLP can obtain the relationship between absolute addresses of strings and their corresponding offsets in a firmware file, thereby a candidate list for image base value is obtained. If the number of matched literal pools corresponding to a certain candidate image base is far greater than the others, this candidate is considered as the correct image base of the firmware. The experimental result indicates that the proposed method can effectively determine image base for a lot of firmwares that use the literal pools to store the string addresses.

ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Digital Investigation - Volume 16, March 2016, Pages 19–28
نویسندگان
, , , , ,