Abstract
In this work we present IoTHunter, the first grey-box fuzzer for stateful protocols in IoT firmware. IoTHunter addresses the state scheduling problem with a multi-stage message generation mechanism driven by runtime monitoring of the firmware. We evaluate IoTHunter on a set of real-world programs; it outperforms the black-box fuzzer boofuzz, achieving 2.2x, 2.0x, and 2.5x higher function, block, and edge coverage, respectively. IoTHunter also found five new vulnerabilities in the firmware of Mikrotik home routers, which have been reported to the vendor.
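The abstract names the technique ("multi-stage message generation" for state scheduling) without showing it. The following is an added illustration of the general idea, not IoTHunter's code or anything from the paper: a constructed three-state line protocol with a bug that is only reachable after authentication and configuration, plus a fuzzer that first schedules a state (weighted by how much new coverage that state recently produced), then replays the message prefix that drives a fresh target into that state, and only then sends one mutated message. The protocol, the coverage metric (state-transition edges), the mutation operators and the scheduling heuristic are all assumptions made for illustration.

```python
"""Added illustration of state-aware ("multi-stage") protocol fuzzing.

Constructed example, not IoTHunter's code: the protocol, the target bug, the
coverage metric and the scheduling heuristic are all assumptions.
"""
from __future__ import annotations
import random
from dataclasses import dataclass


class ToyTarget:
    """Constructed protocol: state 0 = unauthenticated, 1 = authenticated, 2 = configured."""

    def __init__(self) -> None:
        self.state = 0

    def handle(self, msg: bytes) -> str:
        parts = msg.split(b" ", 1)
        cmd, arg = parts[0], (parts[1] if len(parts) > 1 else b"")
        if self.state == 0:
            if cmd == b"LOGIN" and arg == b"admin":
                self.state = 1
                return "200 OK"
            return "401 AUTH"
        if self.state == 1:
            if cmd == b"SET" and b"=" in arg:
                self.state = 2
                return "200 OK"
            return "400 BAD"
        if cmd == b"GET":
            # Stand-in for an unchecked copy into a fixed-size buffer: reachable only in state 2.
            if len(arg) > 16:
                raise IndexError("buffer overflow")
            return "200 " + arg.decode(errors="replace")
        if cmd == b"QUIT":
            self.state = 0
            return "221 BYE"
        return "400 BAD"


@dataclass
class StateInfo:
    prefix: list[bytes]   # messages that drive a fresh target into this state
    seeds: list[bytes]    # messages known to be valid in this state
    energy: int = 1       # scheduling weight, raised while the state still pays off


def run_sequence(msgs: list[bytes]) -> tuple[set, bool]:
    """Replay a message sequence on a fresh target; return (edges seen, crashed)."""
    target, edges = ToyTarget(), set()
    for m in msgs:
        before = target.state
        try:
            resp = target.handle(m)
        except IndexError:
            return edges, True
        edges.add((before, target.state, resp[:3]))  # "edge" = state transition + status code
    return edges, False


def mutate(msg: bytes, rng: random.Random) -> bytes:
    """Byte-level mutations of a seed that is valid in the scheduled state."""
    op = rng.randrange(4)
    if op == 0:
        return msg + bytes([rng.randrange(256)])     # append a byte
    if op == 1:
        return msg[: rng.randrange(len(msg) + 1)]    # truncate
    if op == 2:
        return msg + msg[-4:] * rng.randrange(1, 8)  # repeat the tail (grows the argument)
    if not msg:
        return msg
    i = rng.randrange(len(msg))                      # invert one byte
    return msg[:i] + bytes([msg[i] ^ 0xFF]) + msg[i + 1:]


def fuzz(iterations: int = 2000, seed: int = 7) -> tuple[set, list]:
    """Stage 1: schedule a state. Stage 2: reach it via its prefix, then send one mutated message."""
    rng = random.Random(seed)
    states = {
        0: StateInfo(prefix=[], seeds=[b"LOGIN admin"]),
        1: StateInfo(prefix=[b"LOGIN admin"], seeds=[b"SET k=v"]),
        2: StateInfo(prefix=[b"LOGIN admin", b"SET k=v"], seeds=[b"GET k", b"QUIT"]),
    }
    global_edges, crashes = set(), []
    for _ in range(iterations):
        sid = rng.choices(list(states), weights=[s.energy for s in states.values()])[0]
        st = states[sid]
        msg = mutate(rng.choice(st.seeds), rng)
        edges, crashed = run_sequence(st.prefix + [msg])
        new = edges - global_edges
        global_edges |= edges
        if new:                        # reward states that still yield new coverage
            st.energy += len(new)
            st.seeds.append(msg)       # keep the interesting message as a seed for this state
        else:
            st.energy = max(1, st.energy - 1)
        if crashed:
            crashes.append((sid, st.prefix + [msg]))
    return global_edges, crashes
```

Calling `fuzz()` returns the set of observed edges and the crashing sequences; the point to notice is that the overflow is never found by a sequence that starts with `GET`, because the target rejects it in state 0, while replaying the `LOGIN`/`SET` prefix before each mutated message makes the state-2 handler reachable on every attempt scheduled for that state.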
Yu, B., Wang, P., Yue, T., & Tang, Y. (2019). Poster: Fuzzing IoT firmware via multi-stage message generation. In Proceedings of the ACM Conference on Computer and Communications Security (pp. 2525–2527). Association for Computing Machinery. https://doi.org/10.1145/3319535.3363247