skip to main content

Search for: All records

Creators/Authors contains: "Bagchi, S"

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

  1. null (Ed.)
    Given the increasing ubiquity of online embedded devices, analyzing their firmware is important to security, privacy, and safety. The tight coupling between hardware and firmware and the diversity found in embedded systems makes it hard to perform dynamic analysis on firmware. However, firmware developers regularly develop code using abstractions, such as Hardware Abstraction Layers (HALs), to simplify their job. We leverage such abstractions as the basis for the re-hosting and analysis of firmware. By providing high-level replacements for HAL functions (a process termed High-Level Emulation – HLE), we decouple the hardware from the firmware. This approach works by first locating the library functions in a firmware sample, through binary analysis, and then providing generic implementations of these functions in a full-system emulator. We present these ideas in a prototype system, HALucinator, able to re-host firmware, and allow the virtual device to be used normally. First, we introduce extensions to existing library matching techniques that are needed to identify library functions in binary firmware, to reduce collisions, and for inferring additional function names. Next, we demonstrate the re-hosting process, through the use of simplified handlers and peripheral models, which make the process fast, flexible, and portable between firmware samples and chip vendors. Finally, we demonstrate the practicality of HLE for security analysis, by supplementing HALucinator with the American Fuzzy Lop fuzzer, to locate multiple previously-unknown vulnerabilities in firmware middleware libraries. 
    more » « less
  2. Interactions between plants and herbivores are central in most ecosystems, but their strength is highly variable. The amount of variability within a system is thought to influence most aspects of plant-herbivore biology, from ecological stability to plant defense evolution. Our understanding of what influences variability, however, is limited by sparse data. We collected standardized surveys of herbivory for 503 plant species at 790 sites across 116° of latitude. With these data, we show that within-population variability in herbivory increases with latitude, decreases with plant size, and is phylogenetically structured. Differences in the magnitude of variability are thus central to how plant-herbivore biology varies across macroscale gradients. We argue that increased focus on interaction variability will advance understanding of patterns of life on Earth.

    more » « less
    Free, publicly-accessible full text available November 10, 2024
  3. null (Ed.)