Embedded fuzzing: a review of challenges, tools, and solutions
Fuzzing has become one of the best-established methods to uncover software bugs.
Meanwhile, the market of embedded systems, which binds the software execution tightly to …
P2IM: Scalable and hardware-independent firmware testing via automatic peripheral interface modeling
Dynamic testing or fuzzing of embedded firmware is severely limited by hardware-
dependence and poor scalability, partly contributing to the widespread vulnerable IoT …
Fuzzware: Using precise MMIO modeling for effective firmware fuzzing
As embedded devices are becoming more pervasive in our everyday lives, they turn into an
attractive target for adversaries. Despite their high value and large attack surface, applying …
Automatic firmware emulation through invalidity-guided knowledge inference
Emulating firmware for microcontrollers is challenging due to the tight coupling between the
hardware and firmware. This has greatly impeded the application of dynamic analysis tools …
StateFuzz: System Call-Based State-Aware Linux driver fuzzing
Coverage-guided fuzzing has achieved great success in finding software vulnerabilities.
Existing coverage-guided fuzzers generally favor test cases that hit new code, and discard …
DICE: Automatic emulation of DMA input channels for dynamic firmware analysis
Microcontroller-based embedded devices are at the core of Internet-of-Things (IoT) and
Cyber-Physical Systems (CPS). The security of these devices is of paramount importance …
Device-agnostic firmware execution is possible: A concolic execution approach for peripheral emulation
With the rapid proliferation of IoT devices, our cyberspace is nowadays dominated by
billions of low-cost computing nodes, which are very heterogeneous to each other. Dynamic …
SyzDescribe: Principled, automated, static generation of syscall descriptions for kernel drivers
Fuzz testing operating system kernels has been effective overall in recent years. For
example, syzkaller manages to find thousands of bugs in the Linux kernel since 2017. One …
Agamotto: Accelerating kernel driver fuzzing with lightweight virtual machine checkpoints
Kernel-mode drivers are challenging to analyze for vulnerabilities, yet play a critical role in
maintaining the security of OS kernels. Their wide attack surface, exposed via both the …
Favocado: Fuzzing the Binding Code of JavaScript Engines Using Semantically Correct Test Cases.
JavaScript runtime systems include some specialized programming interfaces, called
binding layers. Binding layers translate data representations between JavaScript and unsafe …