Ren et al., 2023 - Google Patents
Intelligent Zigbee Protocol Fuzzing via Constraint-Field Dependency InferenceRen et al., 2023
View PDF- Document ID
- 14808015130884616907
- Author
- Ren M
- Zhang H
- Ren X
- Ming J
- Lei Y
- Publication year
- Publication venue
- European Symposium on Research in Computer Security
External Links
Snippet
Zigbee is one of the global most popular IoT standards widely deployed by millions of devices and customers. Its fast market growth also incentivizes cybercriminals. Inference- guided fuzzing has shown promising results for security vulnerability detection, which infers …
- 230000035772 mutation 0 abstract description 34
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
- G06F9/45504—Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformations of program code
- G06F8/41—Compilation
- G06F8/44—Encoding
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/445—Programme loading or initiating
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformations of program code
- G06F8/41—Compilation
- G06F8/43—Checking; Contextual analysis
- G06F8/436—Semantic checking
- G06F8/437—Type checking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
- G06F11/3612—Software analysis for verifying properties of programs by runtime analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/362—Software debugging
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3409—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Natella | Stateafl: Greybox fuzzing for stateful network servers | |
| Cheng et al. | DTaint: detecting the taint-style vulnerability in embedded device firmware | |
| Zheng et al. | Efficient greybox fuzzing of applications in Linux-based IoT devices via enhanced user-mode emulation | |
| Yun et al. | Fuzzing of embedded systems: A survey | |
| Cao et al. | EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework. | |
| Nielsen et al. | Nodest: feedback-driven static analysis of Node. js applications | |
| Choi et al. | NTFuzz: Enabling type-aware kernel fuzzing on windows with static binary analysis | |
| Staicu et al. | An empirical study of information flows in real-world javascript | |
| He et al. | {RapidPatch}: firmware hotpatching for {Real-Time} embedded devices | |
| Thomas et al. | HumIDIFy: a tool for hidden functionality detection in firmware | |
| Shcherbakov et al. | Serialdetector: Principled and practical exploration of object injection vulnerabilities for the web | |
| Eisele et al. | Embedded fuzzing: a review of challenges, tools, and solutions | |
| Chen et al. | Syzgen: Automated generation of syscall specification of closed-source macos drivers | |
| Ren et al. | Z-Fuzzer: device-agnostic fuzzing of Zigbee protocol implementation | |
| Arzt et al. | The soot-based toolchain for analyzing android apps | |
| Luo et al. | Westworld: Fuzzing-assisted remote dynamic symbolic execution of smart apps on iot cloud platforms | |
| Tay et al. | Greenhouse:{Single-Service} Rehosting of {Linux-Based} Firmware Binaries in {User-Space} Emulation | |
| Kim et al. | FIRM-COV: high-coverage greybox fuzzing for IoT firmware via optimized process emulation | |
| Bagheri et al. | Automated dynamic enforcement of synthesized security policies in android | |
| Alzaidi et al. | DroidRista: a highly precise static data flow analysis framework for android applications | |
| Ren et al. | Security analysis of zigbee protocol implementation via device-agnostic fuzzing | |
| Zhao et al. | A systematic review of fuzzing | |
| Jiang et al. | Revealing Performance Issues in Server-side WebAssembly Runtimes via Differential Testing | |
| Autili et al. | A hybrid approach for resource-based comparison of adaptable java applications | |
| Zhang et al. | A Survey of Protocol Fuzzing |