VSFBS: Vulnerability Search in Firmware Based on String

Searching homologous vulnerabilities in firmware from different platforms is key for protecting the Internet of Things (IoT) devices. Due to the hard work to acquire the source code, the existing works mainly focused on binary code, and many methods have been used to find vulnerabilities in binary code, like 1) numerical features are used to achieve efficient prefiltering, however, a large number of experiments showed that this method is which is lack of adaptability in some platforms; 2) structural features are used to achieve the accurate matching, but it will bring low efficiency. Based on the shortcomings of the existing methods, we proposed a lightweight method to search vulnerabilities of firmware in a cross-platform model. The main idea of this method is to exploit readable string literals inside functions combined with local call graph and use these string literals as a feature of each function in form of text, then MinHash LSH and MinHash LSH Forest algorithms are used to achieve similarity calculation of this feature according to different online search scenarios. Finally, we employed an optimization stage based on numeric features to improve the rank of similar function, which allows us to search for a similar function more accurately. The experimental results on the open library OpenSSL showed that our method has more robust performance in terms of filtering accuracy, and it is about 1 order of magnitude faster than the two existing methods in terms of efficiency.