论文信息 - Embedded System Vulnerability Mining Technology Based on In-memory Fuzzing Test

Embedded System Vulnerability Mining Technology Based on In-memory Fuzzing Test

For embedded system vulnerability mining technology, due to the dependence of the program on the hardware environment, the efficiency of traditional fuzz embedded program is very low, and it is difficult to cover some program execution path, which seriously affects the efficiency and quality of the embedded program for vulnerability mining. The paper presented an embedded system vulnerability mining technology based on a memory fuzz test. It can directly test any part of program without the restrictions. In addition, the fuzzing test is done directly in memory, without any unrelated interface, which can greatly improve the efficiency of fuzzing test for the embedded procedures.

Qin Zhang | Baojiang Cui | Xiangqian Zhang | Tianxin Zhang

[1] Li Ji-zhong. Technical study of ARM static library identification , 2010 .

[2] Liang Hong-liang. Survey of Static Analysis Methods for Binary Code Vulnerability , 2009 .

[3] Christopher Krügel,et al. Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware , 2015, NDSS.

[4] Zhu Hong. Applied Study of Library Functions Recognition in Decompiling , 2004 .

[5] Guo Tao,et al. Research of taint-analysis based API in-memory fuzzing tests , 2016 .

[6] Pedram Amini,et al. Fuzzing: Brute Force Vulnerability Discovery , 2007 .

[7] Zhang Minb. Survey of multi-dimensional Fuzzing technology , 2010 .