Compressed Firmware Classification Based on Extra Trees and Doc2Vec | Zendy

Jing Qiu | Zendy; Xiaoxu Geng | Zendy; Guanglu Sun | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Compressed Firmware Classification Based on Extra Trees and Doc2Vec

Author(s) -

Jing Qiu,

Xiaoxu Geng,

Guanglu Sun

Publication year - 2021

Publication title -

scientific programming

Language(s) - English

Resource type - Journals

SCImago Journal Rank - 0.269

H-Index - 36

eISSN - 1875-919X

pISSN - 1058-9244

DOI - 10.1155/2021/2666153

Subject(s) - firmware , computer science , vendor , operating system , software , data mining , business , marketing

Firmware formats vary from vendor to vendor, making it difficult to track which vendor or device the firmware belongs to, or to identify the firmware used in an embedded device. Current firmware analysis tools mainly distinguish firmware by static signatures in the firmware binary code. However, the extraction of a signature often requires careful analysis by professionals to obtain it and requires a significant investment of time and effort. In this paper, we use Doc2Vec to extract and process the character information in firmware, combine the file size, file entropy, and the arithmetic mean of bytes as firmware features, and implement the firmware classifier by combining the Extra Trees model. The evaluation is performed on 1,190 firmware files from 5 router vendors. The accuracy of the classifier is 97.18%, which is higher than that of current approaches. The results show that the proposed approach is feasible and effective.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research