	US 12,223,050 B2
	Apparatus for analyzing non-informative firmware and method using the same
Dae-Won Kim, Daejeon (KR); Sang-Su Lee, Daejeon (KR); Yong-Je Choi, Daejeon (KR); Byeong-Cheol Choi, Daejeon (KR); Dong-Wook Kang, Daejeon (KR); and Yang-Seo Choi, Daejeon (KR)
Assigned to ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE, Daejeon (KR)
Filed by ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE, Daejeon (KR)
Filed on Oct. 25, 2022, as Appl. No. 18/049,523.
Claims priority of application No. 10-2021-0153073 (KR), filed on Nov. 9, 2021.
Prior Publication US 2023/0142407 A1, May 11, 2023
Int. Cl. G06F 21/57 (2013.01); G06F 9/30 (2018.01); G06F 9/345 (2018.01); G06F 9/38 (2018.01)

CPC G06F 21/572 (2013.01) [G06F 9/3005 (2013.01); G06F 9/345 (2013.01); G06F 9/3836 (2013.01)]

10 Claims

1. A method for analyzing non-informative firmware, comprising:

detecting a target instruction for firmware analysis in a memory map in non-informative firmware;

generating an analysis list based on memory map information corresponding to the target instruction; and

generating a visualized analysis result corresponding to the firmware by grouping entries of the analysis list by preset reference bytes,

wherein the target instruction is a non-informative instruction in which a string related to a memory map hint is not included, and includes a first instruction for executing a branch and a second instruction in which a specific value in a predefined format is used for a register operation without any description, and

wherein the analysis list is generated by inputting a branch target address of the first instruction and the specific value in the predefined format used in the second instruction according to a sequence order.