KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmware

Nilo Redini, Aravind Machiry, Ruoyu Wang, Chad Spensky, Andrea Continella, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

9 Citations (Scopus)


Low-power, single-purpose embedded devices (e.g., routers and IoT devices) have become ubiquitous. While they automate and simplify many aspects of users' lives, recent large-scale attacks have shown that their sheer number poses a severe threat to the Internet infrastructure. Unfortunately, the software on these systems is hardware-dependent, and typically executes in unique, minimal environments with non-standard configurations, making security analysis particularly challenging. Many of the existing devices implement their functionality through the use of multiple binaries. This multi-binary service implementation renders current static and dynamic analysis techniques either ineffective or inefficient, as they are unable to identify and adequately model the communication between the various executables. In this paper, we present Karonte, a static analysis approach capable of analyzing embedded-device firmware by modeling and tracking multi-binary interactions. Our approach propagates taint information between binaries to detect insecure interactions and identify vulnerabilities. We first evaluated Karonte on 53 firmware samples from various vendors, showing that our prototype tool can successfully track and constrain multi-binary interactions. This led to the discovery of 46 zero-day bugs. Then, we performed a large-scale experiment on 899 different samples, showing that Karonte scales well with firmware samples of different size and complexity.
Original languageEnglish
Title of host publicationProceedings 2020 IEEE Symposium on Security and Privacy, SP 2020
Number of pages18
ISBN (Electronic)978-1-7281-3497-0
Publication statusPublished - 1 May 2020
Externally publishedYes
Event41st IEEE Symposium on Security & Privacy 2020 - San Francisco, United States
Duration: 18 May 202020 May 2020
Conference number: 41


Conference41st IEEE Symposium on Security & Privacy 2020
CountryUnited States
CitySan Francisco
Internet address


  • Cybersecurity


Dive into the research topics of 'KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmware'. Together they form a unique fingerprint.

Cite this