(2022) Debugger-driven Embedded Fuzzing.
Abstract
Embedded Systems – the hidden computers in our lives – are deployed in the billions and are already in the focus of attackers. They pose security risks when not tested and maintained thoroughly. In recent years, fuzzing has become a promising technique for automated security testing of programs, which can generate tons of test inputs for a program. Fuzzing is hardly applied to embedded systems, because of their high diversity and closed character. During my research I want to tackle that gap in fuzzing embedded systems – short: “Embedded Fuzzing”. My goal is to obtain insights into the embedded system during execution, by using common debugging interfaces and hardware breakpoints to enable guided fuzzing in a generic and widely applicable way. Debugging interfaces and hardware breakpoints are available for most common microcontrollers, generating a potential industry impact. Preliminary results show that the approach covers basic blocks faster than blackbox fuzzing. Additionally, it is source code agnostic and leaves the embedded firmware unaltered.
Item Type: | Conference or Workshop Item (A Paper) (Paper) |
---|---|
Divisions: | Andreas Zeller (Software Engineering, ST) |
Conference: | ICST International Conference on Software Testing, Verification and Validation |
Depositing User: | Max Eisele |
Date Deposited: | 07 Jul 2023 12:27 |
Last Modified: | 07 Jul 2023 12:27 |
Primary Research Area: | NRA3: Threat Detection and Defenses |
URI: | https://publications.cispa.saarland/id/eprint/3982 |