RIOT Summit 2024, Keynote

Firmware Forensics: Semantic Functionality Identification Through Symbolic Execution and Program Simulation? Sebastian Schrittwieser (SBA Research) --- The rapid expansion of the Internet of Things (IoT) has connected a wide range of devices, from household items to industrial systems. Despite this growth, the exact functionalities contained in IoT firmware often remain unclear, with hidden features and potential backdoors posing significant security threats. In the past, symbolic execution has been used to reveal possible paths through programs, uncovering hidden functionalities and backdoors. This talk will cover existing work on symbolic execution and will further introduce a novel approach: identifying known algorithms through program simulation. By observing the input-output behavior of functions during simulated execution, our method can – independently from its actual implementation – identify malicious code, such as domain generation algorithms, within a binary firmware. -