IoTBec

IoTBec Workflow

Ground Truth Database
Test product

Vulnerability Signature
Interface Signature
Vulnerability Interface Signature

Code

python spider/spider_get_vendor_cve.py # crawl the corresponding vendor's CVEs and save them to the results/{Vendor}

Ground Truth Database

python spider/cve_filter_by_product.py # filter the CVEs of base product and save as result/{Vendor}/{Series}/{product}/{product}_{Vendor}_cve.csv

python cve_summary_by_llm.py # Using the Vulnerability Analyzer LLM to generate json-format Vulnerability Signatures，save as result/{Vendor}/{Series}/{product}/{product}_CVE.json

# Generate Interface Signature and save as result/{Vendor}/{Series}/{product}/{product}_page.json

python result/merge_page_and_CVE_for_db.py # {product}_page.json ∪ {product}_CVE.json

Test product

# Generate Interface Signature and save as result/{Vendor}/{Series}/{product}/{product}_page.json

python result/crash_reuse.py

# 生成result/{Vendor}/{Series}/{product}/result/*.json
python result/generate_poc_by_llm.py

# result/{Vendor}/{Series}/{product}/result/{product}.json
python result/exec_poc.py

Signature

Vulnerability Signature

// demo
[
  {
    "CVE ID": "CVE-2024-33180",
    "vendor": "Tenda",
    "product": "AC18",
    "vul_type": "Overflow",
    "URI": "/goform/saveParentControlInfo",
    "parameter or argument": "deviceId",
  }
]

Interface Signature

// demo
[
  {
    "vendor": "Tenda",
    "product": "AC18",
    "URI": "/goform/saveParentControlInfo",
    "form_parameter": "['deviceId', 'enable', 'time', 'url_enable', 'urls', 'day', 'limit_type']",
    "form_format": "key-value",
    "button": "Save",
    "navigation": "Parental Control->Parental Control"
  }
]

Vulnerability Interface Signature

// demo
[
  {
    "CVE ID": "CVE-2024-33180",
    "vendor": "Tenda",
    "product": "AC18",
    "URI": "/goform/saveParentControlInfo",
    "form_parameter": "['deviceId', 'enable', 'time', 'url_enable', 'urls', 'day', 'limit_type']",
    "form_format": "key-value",
    "button": "Save",
    "navigation": "Parental Control->Parental Control",
    "vul_type": "Overflow",
    "parameter or argument": "deviceId",
  }
]

Match

// demo
[
  {
    "vendor": "Tenda",
    "product": "AC5",
    "URI": "/goform/saveParentControlInfo",
    "form_parameter": "['deviceId', 'deviceName', 'enable', 'time', 'url_enable', 'urls', 'day', 'limit_type']",
    "form_format": "key-value",
    "button": "Save",
    "navigation": "Parental Control->Parental Control",
    "match_result": [
      {
        "CVE ID": "CVE-2024-33180",
        "vendor": "Tenda",
        "product": "AC18",
        "URI": "/goform/saveParentControlInfo",
        "form_parameter": "['deviceId', 'enable', 'time', 'url_enable', 'urls', 'day', 'limit_type']",
        "form_format": "key-value",
        "button": "Save",
        "navigation": "Parental Control->Parental Control",
        "vul_type": "Overflow",
        "function name": "",
        "parameter or argument": "deviceId",
      }
    ]
  }
]

Name		Name	Last commit message	Last commit date
Latest commit History 9 Commits
code		code
cve_summary		cve_summary
data_in_paper		data_in_paper
fig		fig
Emulation_Env_Setup.md		Emulation_Env_Setup.md
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

IoTBec

IoTBec Workflow

Code

Ground Truth Database

Test product

Signature

Vulnerability Signature

Interface Signature

Vulnerability Interface Signature

Match

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

IoTBec

IoTBec Workflow

Code

Ground Truth Database

Test product

Signature

Vulnerability Signature

Interface Signature

Vulnerability Interface Signature

Match

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages