Boreas: Semantic-Aware Framework for Buffer Overflow Detection to Reduce Carbon Footprint in IoT Devices
The rapid development of the Industrial Internet of Things (IIoT) has raised concerns about device security and energy consumption. The widespread presence of buffer overflow (BOF) vulnerabilities in IoT devices not only threatens devices but also leads to increased carbon emissions. Traditional sta...
| Published in: | IEEE internet of things journal Vol. 12; no. 17; pp. 34753 - 34767 |
|---|---|
| Main authors: | , , , , |
| Format: | Journal Article |
| Language: | English |
| Published: | Piscataway IEEE 01.09.2025 The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
| Subjects: | |
| ISSN: | 2327-4662, 2327-4662 |
| Online access: | Get full text |
| Abstract | The rapid development of the Industrial Internet of Things (IIoT) has raised concerns about device security and energy consumption. The widespread presence of buffer overflow (BOF) vulnerabilities in IoT devices not only threatens devices but also leads to increased carbon emissions. Traditional static analysis methods suffer from low accuracy and high costs. Mainstream binary code similarity detection (BCSD) methods are mainly based on control flow graphs (CFGs) or instructions, which often fail to effectively capture semantic information. In this article, we propose Boreas, a semantic-aware BOF vulnerability detection framework to reduce the carbon footprint in IoT devices. The abstract syntax tree (AST) is employed to achieve precise semantic representation of multiarchitecture code. By considering the often-overlooked implicit data receiving points, Boreas comprehensively locates vulnerable binaries in firmware. By leveraging backward reaching definition analysis, Boreas removes extensive code irrelevant to BOF to simplify ASTs, enables cross-function/file detection and enhances interpretability for BCSD. Additionally, we develop a deep learning model AST-BERT for BCSD, which effectively transforms simplified ASTs into vectors. Based on the distance between target and vulnerable vectors, the accurate BOF detection is achieved. To evaluate the performance of Boreas, we construct a large-scale dataset containing real-world IoT firmware. Experiments show that Boreas outperforms state-of-the-art BCSD methods with the precision of 87.08% and leading static analysis tools with the F1-score of 88.81% in vulnerability detection. Finally, Boreas successfully discovers ten unknown critical vulnerabilities, all of which have been recognized by common vulnerabilities and exposure and covered by media. |
|---|---|
| Author | Sha, Letian Chen, Xiao Gao, Qingguan Xiao, Fu Pan, Jiaye |
| Author_xml | – sequence: 1 givenname: Xiao orcidid: 0009-0008-1311-4994 surname: Chen fullname: Chen, Xiao email: 2020070132@njupt.edu.cn organization: School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, China – sequence: 2 givenname: Letian surname: Sha fullname: Sha, Letian email: ltsha@njupt.edu.cn organization: School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, China – sequence: 3 givenname: Qingguan surname: Gao fullname: Gao, Qingguan email: gaoqg@cyberpeace.cn organization: Sales Department, Nanjing Cyberpeace Information Technology Company Ltd., Nanjing, China – sequence: 4 givenname: Fu orcidid: 0000-0003-1815-2793 surname: Xiao fullname: Xiao, Fu email: xiaof@njupt.edu.cn organization: School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, China – sequence: 5 givenname: Jiaye surname: Pan fullname: Pan, Jiaye email: panjy@njupt.edu.cn organization: School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, China |
| CODEN | IITJAU |
| ContentType | Journal Article |
| Copyright | Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2025 |
| Copyright_xml | – notice: Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2025 |
| DBID | 97E RIA RIE AAYXX CITATION 7SC 8FD JQ2 L7M L~C L~D |
| DOI | 10.1109/JIOT.2025.3574179 |
| DatabaseName | IEEE All-Society Periodicals Package (ASPP) 2005–Present IEEE All-Society Periodicals Package (ASPP) 1998–Present IEEE Electronic Library (IEL) CrossRef Computer and Information Systems Abstracts Technology Research Database ProQuest Computer Science Collection Advanced Technologies Database with Aerospace Computer and Information Systems Abstracts Academic Computer and Information Systems Abstracts Professional |
| DatabaseTitle | CrossRef Computer and Information Systems Abstracts Technology Research Database Computer and Information Systems Abstracts – Academic Advanced Technologies Database with Aerospace ProQuest Computer Science Collection Computer and Information Systems Abstracts Professional |
| DatabaseTitleList | Computer and Information Systems Abstracts |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE/IET Electronic Library url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISSN | 2327-4662 |
| EndPage | 34767 |
| ExternalDocumentID | 10_1109_JIOT_2025_3574179 11016048 |
| Genre | orig-research |
| GrantInformation_xml | – fundername: Postgraduate Research and Practice Innovation Program of Jiangsu Province grantid: KYCX20_0829 funderid: 10.13039/501100005145 – fundername: 2024 Frontier Technology Research and Development Program of Jiangsu grantid: BF2024071 funderid: 10.13039/501100020963 |
| GroupedDBID | 0R~ 6IK 97E AAJGR AARMG AASAJ AAWTH ABAZT ABJNI ABQJQ ABVLG AGQYO AHBIQ AKJIK AKQYR ALMA_UNASSIGNED_HOLDINGS ATWAV BEFXN BFFAM BGNUA BKEBE BPEOZ EBS IFIPE IPLJI JAVBF OCL PQQKQ RIA RIE AAYXX CITATION M43 7SC 8FD JQ2 L7M L~C L~D |
| ID | FETCH-LOGICAL-c248t-70a11992e508b2fd52df41d93db13ce786188bd15bed0c220e504319ed9fbbfc3 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 0 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001556064800002&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| ISSN | 2327-4662 |
| IngestDate | Thu Nov 20 16:01:34 EST 2025 Sat Nov 29 07:37:00 EST 2025 Wed Aug 27 07:37:17 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Issue | 17 |
| Language | English |
| License | https://ieeexplore.ieee.org/Xplorehelp/downloads/license-information/IEEE.html https://doi.org/10.15223/policy-029 https://doi.org/10.15223/policy-037 |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c248t-70a11992e508b2fd52df41d93db13ce786188bd15bed0c220e504319ed9fbbfc3 |
| Notes | ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 14 |
| ORCID | 0009-0008-1311-4994 0000-0003-1815-2793 |
| PQID | 3247409541 |
| PQPubID | 2040421 |
| PageCount | 15 |
| ParticipantIDs | proquest_journals_3247409541 crossref_primary_10_1109_JIOT_2025_3574179 ieee_primary_11016048 |
| PublicationCentury | 2000 |
| PublicationDate | 2025-09-01 |
| PublicationDateYYYYMMDD | 2025-09-01 |
| PublicationDate_xml | – month: 09 year: 2025 text: 2025-09-01 day: 01 |
| PublicationDecade | 2020 |
| PublicationPlace | Piscataway |
| PublicationPlace_xml | – name: Piscataway |
| PublicationTitle | IEEE internet of things journal |
| PublicationTitleAbbrev | JIoT |
| PublicationYear | 2025 |
| Publisher | IEEE The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
| Publisher_xml | – name: IEEE – name: The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
| SSID | ssj0001105196 |
| Score | 2.350714 |
| Snippet | The rapid development of the Industrial Internet of Things (IIoT) has raised concerns about device security and energy consumption. The widespread presence of... |
| SourceID | proquest crossref ieee |
| SourceType | Aggregation Database Index Database Publisher |
| StartPage | 34753 |
| SubjectTerms | Abstract syntax tree (AST) Accuracy binary code similarity detection (BCSD) Binary codes buffer overflow (BOF) Buffer overflows Buffers Carbon Carbon footprint Computer architecture Deep learning Devices Emissions encoder representations from transformer (BERT) Energy consumption Firmware Flow graphs Footprint analysis Industrial applications Industrial Internet of Things Industrial Internet of Things (IIoT) Internet of Things Logic Microprogramming reaching definition analysis Semantics siamese network Static analysis Syntactics |
| Title | Boreas: Semantic-Aware Framework for Buffer Overflow Detection to Reduce Carbon Footprint in IoT Devices |
| URI | https://ieeexplore.ieee.org/document/11016048 https://www.proquest.com/docview/3247409541 |
| Volume | 12 |
| WOSCitedRecordID | wos001556064800002&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVIEE databaseName: IEEE/IET Electronic Library customDbUrl: eissn: 2327-4662 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0001105196 issn: 2327-4662 databaseCode: RIE dateStart: 20140101 isFulltext: true titleUrlDefault: https://ieeexplore.ieee.org/ providerName: IEEE |
| linkProvider | IEEE |