Firmware binary code analysis for vulnerability detection

Internet of Things (IoT) constitutes a variety of devices, ranging from tiny sensors and actuators to programmable controllers that drive critical infrastructure such as water, power, through to general purpose mobile devices in the home, work, or city environment. Irrespective of the type of a device, software code, the so-called firmware, remains a common component across all of them and it is (anecdotally) believed that such code is not updated frequently, thereby leaving bugs in code forever.

A side effect of having such a heterogeneous computing environment is the variety of "compiled" code running on such a diverse set of devices. This poses a challenge for developing automatic program analysis techniques to cope with the syntactically different looking code. Past research has shown that vulnerability extrapolation is a possibility, for example, through approaches to systematically compare binary code to find patterns leading to vulnerable code.

In this project, we aim to investigate techniques that are tailored towards analysing binary code by stripping off syntactical differences. The project is open in the sense that one can investigate static as well as dynamic program analysis techniques, for example abstract interpretation, fuzzing etc. There is a particular focus on investigating the application of machine learning (ML) based approaches, e.g., natural language processing (NLP), to find similar code patterns.

NLP-based techniques are known to work with languages with very different syntactical structure. One particular aspect is to map assembly code-based representation of compiled code in a form suitable for applying NLP. In short, the project will allow one to explore techniques to analyse binary code