Australian Information Security Management Conference

Document Type

Conference Proceeding


SRI Security Research Institute, Edith Cowan University, Perth, Western Australia


13th Australian Information Security Management Conference, held from the 30 November – 2 December, 2015 (pp. 11-27), Edith Cowan University Joondalup Campus, Perth, Western Australia.


Network routers are a core component of contemporary SoHo networks. The firmware within these devices provides routing, control and monitoring functionality coupled with mechanisms to ensure a secure and reliable network. End-users are typically reliant on manufacturers to provide timely firmware updates to mitigate known vulnerabilities. An investigation was undertaken to identify the underlying software components used in the firmware of currently available, SoHo network devices used in Australia. Firmware from 37 devices was deconstructed to identify potential security issues; in each instance, the firmware images were found to include vulnerabilities, obsolete software and out-of-date operating system components. 95% of the deconstructed firmware was based on Linux. The Linux kernels identified were typically discontinued and are no longer actively maintained. This paper demonstrates a method for undertaking the analysis and summaries the outcomes of the research.