Applying Binary Patch Comparison to Cisco IOS

In recent years, as router security has become more attention, the attack on the routers is on the rise. According to Cisco Security Advisory, research Cisco IOS vulnerabilitiesthrough fuzzing tests, determine the location of vulnerabilityby dynamic debugging in IOS simulation environment, and the binary comparison method is used to analyze the vulnerabilityproblems. However, the comparison results of binary comparison tool patchdiff are not obvious. After determining the comparison functions, you need to manually locate the specific vulnerablecode through different color identification. Here, on the basis of patchdiff comparison results, we propose an optimization method of graphical display, and determine a simple case of patch fix by using the set of code blocks instructions CRC. The experimental results indicate that in the specific mode of the patch fix, the optimized graphic can reflect the code patch blocks intuitively, highlight the automated analysis results, and shorten the time of locating vulnerability.