ELF Analyzer Demo: Online Identification for IoT Malwares with Multiple Hardware Architectures

Published: 01 Jan 2020, Last Modified: 07 May 2025. Venue: SP (Workshops) 2020. License: CC BY-SA 4.0
Abstract: This demonstration presents ELF Analyzer, an automatic IoT runtime platform with a web interface, where suspicious ELF files uploaded by users can be executed and dynamically analyzed to identify malicious behavior. The key component of our platform is a crafted IoT sandbox, where multiple hardware architectures are emulated using QEMU. With the introduction of strace functionality, we demonstrate that system call and traffic logs can be generated successfully for uploaded ELF files of different hardware architectures. After proper analysis, malicious ELF files can be identified.