Andrew Fasano, Zachary Estrada, Luke Craig, Ben Levy, Jordan McLeod, Jacques Becker, Elysia Witham, Cole DiLorenzo, Caden Kline, Ali Bobi (MIT Lincoln Laboratory), Dinko Dermendzhiev (Georgia Institute of Technology), Tim Leek (MIT Lincoln Laboratory), William Robertson (Northeastern University)

Firmware rehosting enables firmware execution and dynamic analysis. Prior rehosting work has taken a “one-size-fitsall” approach, where expert knowledge is baked into a tool and then applied to all input firmware. Penguin takes a new, targetcentric approach, building a whole-system rehosting environment tailored to the specific firmware being analyzed. A rehosting environment is specified by a configuration file that represents a series of transformations applied to the emulation environment. The initial rehosting configuration is derived automatically from analyzing the filesystem of an extracted firmware image, providing target-specific values such as directories, pseudofiles, and NVRAM keys. This approach allows Penguin to rehost systems from a wide variety of vendors. In tests on 13,649 embedded Linux firmware images from 69 different vendors and 8 architectures, Penguin was able to build rehosting environments that work for 75% more firmware than the prior state of the art. We implement a configuration minimizer that finds required transformations and show that most firmware require only a small number of transformations, with variation across vendors.

View More Papers

Heimdall: Towards Risk-Aware Network Management Outsourcing

Yuejie Wang (Peking University), Qiutong Men (New York University), Yongting Chen (New York University Shanghai), Jiajin Liu (New York University Shanghai), Gengyu Chen (Carnegie Mellon University), Ying Zhang (Meta), Guyue Liu (Peking University), Vyas Sekar (Carnegie Mellon University)

Read More

The Kids Are All Right: Investigating the Susceptibility of...

Elijah Bouma-Sims (Carnegie Mellon University), Lily Klucinec (Carnegie Mellon University), Mandy Lanyon (Carnegie Mellon University), Julie Downs (Carnegie Mellon University), Lorrie Faith Cranor (Carnegie Mellon University)

Read More

Horcrux: Synthesize, Split, Shift and Stay Alive; Preventing Channel...

Anqi Tian (Institute of Software, Chinese Academy of Sciences; School of Computer Science and Technology, University of Chinese Academy of Sciences), Peifang Ni (Institute of Software, Chinese Academy of Sciences; Zhongguancun Laboratory, Beijing, P.R.China), Yingzi Gao (Institute of Software, Chinese Academy of Sciences; University of Chinese Academy of Sciences), Jing Xu (Institute of Software, Chinese…

Read More

Privacy Preserved Integrated Big Data Analytics Framework Using Federated...

Sarah Kaleem (Prince Sultan University, PSU) Awais Ahmad (Imam Mohammad Ibn Saud Islamic University, IMSIU), Muhammad Babar (Prince Sultan University, PSU), Goutham Reddy Alavalapati (University of Illinois, Springfield)

Read More