引用本文
  • 孔凯薇,霍冬冬,苏东楠,徐震.IoT设备程序同源性智能检测技术综述[J].信息安全学报,2023,8(3):103-127    [点击复制]
  • Kong Kaiwei,Huo Dongdong,Su Dongnan,Xu Zhen.Survey of Intelligent Homology Detection Technology for IoT Programs[J].Journal of Cyber Security,2023,8(3):103-127   [点击复制]
【打印本页】 【下载PDF全文】 查看/发表评论下载PDF阅读器关闭

←前一篇|后一篇→

过刊浏览    高级检索

本文已被:浏览 2779次   下载 2643 本文二维码信息
码上扫一扫!
IoT设备程序同源性智能检测技术综述
孔凯薇1, 霍冬冬2,3, 苏东楠1, 徐震2,3
0
(1.北京计算机技术及应用研究所 北京 中国 100039;2.中国科学院信息工程研究所 北京 中国 100093;3.中国科学院大学 网络空间安全学院 北京 中国 100049)
摘要:
IoT设备与各行业的深度融合方兴日盛,使得IoT程序快速开发的需求不断增长。开发者习惯于集成第三方库或常用代码。不幸的是,若这些代码中隐藏着潜在的漏洞,那他们也会被扩散到不同的程序中,为其大规模扩散创造了条件。这也是造成近年来IoT设备群体性安全事件频发的重要原因之一。为了降低危害,发现具备相似漏洞的程序并进行相关的处置是一个有效的方法。同源性分析作为挖掘程序间关联关系的重要手段之一,可高效地实现程序漏洞的智能溯源取证。结合机器学习和深度学习技术,它表现出解决大规模程序安全性检测的巨大潜力。然而,IoT设备的软硬件特点仍使得该技术的使用面临挑战。当前已有诸多方案在IoT设备程序的同源性智能检测方面取得了进展。因此,本文将系统性回顾近年来相关技术研究的成果,将他们分为相似性分析和创作者归属技术。首先,我们介绍了两种方式的数据来源。接着,检测过程中涉及的特征选择、特征表示以及相对应的检测方法也被依次介绍。进一步的,本文不仅比较和总结了方案的特点和局限性,还对他们在不同类型IoT设备程序的适配性进行了对比分析。最后,文章针对IoT程序分析提出了一些研究建议。作者希望本综述可为研究者阐明这些工作的核心技术点,并为他们在IoT设备上的进一步应用提供启发。
关键词:  IoT设备|IoT程序同源性|相似性分析|创作者归属|智能检测
DOI:10.19363/J.cnki.cn10-1380/tn.2023.05.08
投稿时间:2022-09-10修订日期:2022-12-15
基金项目:本课题得到国家重点研发计划-制造大数据智能治理方法研究(No. 2018YFB1700403)资助。
Survey of Intelligent Homology Detection Technology for IoT Programs
Kong Kaiwei1, Huo Dongdong2,3, Su Dongnan1, Xu Zhen2,3
(1.Beijing Institute of Computer Technology and Applications, Beijing 100039, China;2.Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;3.School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China)
Abstract:
The tendency that IoT devices are deeply integrated into industries is flourishing, which spawns large requirements for developing IoT programs rapidly. Developers are used to integrating third-party libraries or accustomed code. Unfortunately, if there are potential vulnerabilities hidden in these code, they will also be dispersed into different programs, creating conditions for its large-scale proliferation. This is an important reason for the frequent occurrence of mass IoT security incidents in recent years. To mitigate such incidents, finding programs with similar vulnerabilities to impose corresponding security treatments is an effective approach. Towards this issue, the homology analysis technology, as one of the important means to mine the association between programs, can realize the traceability and forensics of vulnerabilities. Combining with recent intelligent methods such as machine learning and deep learning technique, the homology analysis is showing great potential to fulfill the security detection for large-scale IoT programs. However, the hardware and software characteristics of IoT devices still make the use of this technology challenging. To this end, many studies have made progress in homology intelligent detection for IoT programs. In this paper, we provide a systematic review of state-of-the-art proposals, which are classified into similarity analysis and authorship attribution. First, we introduce these two types of work from the perspective of data sources. Then, specific features used in homology analysis, ways of feature representation and relevant detection methods are proposed to describe these proposals. Further, we not only compare characteristics of these studies to summarize their practicalities and limitations, but discuss their portability towards different types of IoT programs. Finally, some research suggestions are put forward. The authors hope that this review can clarify core processes of this technique and provide insights for its further applications on IoT devices.
Key words:  IoT devices|the homology of IoT programs|similarity analysis|authorship attribution|intelligent detection