CveBinarySheet: A Comprehensive Pre-built Binaries Database for IoT Vulnerability Analysis
Lingfeng Chen
TL;DR
CveBinarySheet is a comprehensive database of precompiled IoT-related binaries with CVE details, supporting multiple architectures and compiler levels to aid vulnerability analysis research.
Contribution
It introduces a large, curated dataset of binaries with CVE annotations across various architectures and optimization levels, filling a critical gap for IoT vulnerability research.
Findings
Contains 1033 CVE entries from 1999 to 2024.
Supports 16 third-party components and five CPU architectures.
Includes binaries compiled at two optimization levels (O0 and O3).
Abstract
Binary Static Code Analysis (BSCA) is a pivotal area in software vulnerability research, focusing on the precise localization of vulnerabilities within binary executables. Despite advancements in BSCA techniques, there is a notable scarcity of comprehensive and readily usable vulnerability datasets tailored for diverse environments such as IoT, UEFI, and MCU firmware. To address this gap, we present CveBinarySheet, a meticulously curated database containing 1033 CVE entries spanning from 1999 to 2024. Our dataset encompasses 16 essential third-party components, including busybox and curl, and supports five CPU architectures: x86-64, i386, MIPS, ARMv7, and RISC-V64. Each precompiled binary is available at two compiler optimization levels (O0 and O3), facilitating comprehensive vulnerability analysis under different compilation scenarios. By providing detailed metadata and diverse binary…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsNetwork Security and Intrusion Detection · Anomaly Detection Techniques and Applications · Advanced Malware Detection Techniques