Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Firmware mirror image file flashing verification method and system based on fuzzy testing, and terminal

A technology of image files and fuzzing testing, applied in software deployment, instrument, platform integrity maintenance, etc., can solve the problem of insufficient accuracy of verification results, and achieve the effect of improving accuracy

Active Publication Date: 2021-11-02
SHANDONG YINGXIN COMP TECH CO LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] This application provides a method, system and terminal for flashing and verifying firmware image files based on fuzzy testing, so as to solve the problem that the verification method in the prior art makes the accuracy of the verification result not high enough

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Firmware mirror image file flashing verification method and system based on fuzzy testing, and terminal
  • Firmware mirror image file flashing verification method and system based on fuzzy testing, and terminal
  • Firmware mirror image file flashing verification method and system based on fuzzy testing, and terminal

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0058] see figure 1 , figure 1 It is a schematic flowchart of a method for flashing and verifying firmware image files based on fuzz testing provided in the embodiment of the present application. Depend on figure 1 As can be seen, in the present embodiment, the method for flashing and verifying firmware image files based on fuzz testing mainly includes the following steps:

[0059] S1: According to the UEFI file system structure, establish a data model for describing the composition of the firmware image file structure.

[0060] In the data model established in this embodiment, the firmware image file is divided into N segments, and each segment maintains an independent function in the firmware image file, where N is a natural number and N≥2.

[0061] That is, in this embodiment, by establishing a data model, the firmware image file is segmented according to independent functions, and each segment has its own independent function in the firmware image file. Through segment...

Embodiment 2

[0100] exist figure 1 On the basis of the illustrated embodiment see figure 2 , figure 2 It is a schematic structural diagram of a firmware image file flashing verification system based on fuzz testing provided by the embodiment of the present application.

[0101] Depend on figure 2 It can be seen that the fuzzy test-based firmware image file flashing verification system in this embodiment mainly includes: a data model building module, an identification module, a mutation module, a flashing module, a judgment module and a positioning module. Wherein, the data model building module is used to establish a data model for describing the composition of the firmware image file structure according to the UEFI file system structure. In the data model, the firmware image file is divided into N segments, and each segment is in the firmware image file. The independent function is maintained in, wherein, N is a natural number and N≥2, and this segment is the smallest unit that main...

Embodiment 3

[0109] The present application also provides a terminal, which includes: a processor and a memory connected to the processor in communication, wherein the memory stores instructions executable by the processor, and the instructions are executed by the processor so that the processor can perform the above A fuzzy test-based flashing verification method for firmware image files.

[0110] The method of flashing and verifying the firmware image file based on the fuzz test performed by the processor is as follows:

[0111] S1: According to the UEFI file system structure, establish a data model for describing the structure of the firmware image file. In the data model, the firmware image file is divided into N segments, and each segment maintains an independent function in the firmware image file. , N is a natural number and N≥2;

[0112] S2: Use the data model to identify the firmware image file to be tested;

[0113] S3: After the firmware image file to be tested is identified, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a firmware mirror image file flashing verification method and system based on fuzzy testing and a terminal, and the method comprises the steps of building a data model according to a UEFI file system structure; identifying the to-be-tested firmware mirror image file by using the data model; modifying each fragment in the to-be-tested firmware mirror image file in sequence by adopting a fuzzy testing method to form N varied to-be-tested firmware mirror image files; flashing the first firmware to the target hardware; judging whether the target hardware has firmware flashing security vulnerabilities or not according to the flashing result; if yes, according to the first firmware which is not subjected to legality verification, positioning a fragment which is not subjected to legality verification in the to-be-tested firmware mirror image file. The system comprises a data model establishment module, an identification module, a variation module, a flashing module, a judgment module and a positioning module. The terminal comprises a processor and a memory in communication connection with the processor. Through the method, the accuracy of vulnerability detection can be effectively improved.

Description

technical field [0001] The present application relates to the technical field of computer security penetration testing, in particular to a method, system and terminal for flashing and verifying firmware image files based on fuzz testing. Background technique [0002] With the rapid development of information technologies such as 5G, Internet of Things, Industrial Internet, smart manufacturing, and smart home, users have higher and higher requirements for computer security. Computer security includes software security and firmware security. Compared with software security, the life cycle of firmware security vulnerabilities is often longer, and there are many factors that lead to firmware security vulnerabilities, such as: platform configuration errors, platform update lag, and users' lack of awareness of firmware security. [0003] In firmware security, firmware flashing security is an important item. Firmware flashing refers to the process of writing new firmware into the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/62G06F21/57G06F8/61
CPCG06F21/6227G06F21/577G06F8/63
Inventor 赵淼
Owner SHANDONG YINGXIN COMP TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com