SBIR-STTR Award

FirmLock Firmware Protection for iOS and Android
Award last edited on: 2/6/2023

Sponsored Program
SBIR
Awarding Agency
DHS
Total Award Amount
$999,975
Award Phase
2
Solicitation Topic Code
20.OATS-001
Principal Investigator
Ryan Johnson

Company Information

Kryptowire LLC

5352 Brandon Ridge Way
Fairfax, VA 22032
(571) 314-0153
N/A
www.kryptowire.com
Location: Single
Congr. District: 11
County: Fairfax

Phase I

Contract Number: N/A
Start Date: 9/1/2020    Completed: 8/31/2022
Phase I year
2020
Phase I Amount
$1
Direct to Phase II

Phase II

Contract Number: 70RSAT20C00000055
Start Date: 9/1/2020    Completed: 8/31/2022
Phase II year
2020
Phase II Amount
$999,974
Kryptowire proposes a novel approach to automatically identify and mitigate known and zero-day vulnerabilities and code flaws in mobile system firmware images. Typically, when patching an application, developers have at their disposal the source code of that application and a build system that allows them to recompile the application with the patch. However, in the domain of iOS and Android mobile devices, these assumptions are often unrealistic; instead, developers have access only to firmware images that might be riddled with vulnerabilities and code flaws. Hence, patches must be woven directly into existing firmware application binaries and frameworks, with all operations taking place at the firmware binary level. To address these challenges, we propose FirmLock, a framework that will combine static, dynamic, and forced-path analysis in order to gain sufficient insight into all the Android binaries inside a firmware image and into iOS frameworks. Core to our approach are code taint tracking and path validation techniques that will formally prove the code and data provenance within small blocks of binary code and then use these components to synthesize larger systems. In this OATS effort, our goal is to fully generate patches at the binary and bytecode level for ARM architectures, achieving mitigation of identified vulnerabilities and sensitive APIs through framework removal, even without access to source code, for both legacy and new applications.