English
Related papers

Related papers: BaseSAFE: Baseband SAnitized Fuzzing through Emula…

200 papers

Fuzzing is a widely used software security testing technique that is designed to identify vulnerabilities in systems by providing invalid or unexpected input. Continuous fuzzing systems like OSS-FUZZ have been successful in finding security…

Cryptography and Security · Computer Science 2023-07-04 Chaitanya Rahalkar

Trusted Execution Environments (TEEs) are deployed in many CPU designs because of the confidentiality and integrity guarantees they provide. ARM TrustZone is a TEE extensively deployed on smart phones, IoT devices, and notebooks.…

Cryptography and Security · Computer Science 2023-11-17 Haoqi Shan , Sravani Nissankararao , Yujia Liu , Moyao Huang , Shuo Wang , Yier Jin , Dean Sullivan

One of the biggest attack surfaces of embedded systems is their network interfaces, which enable communication with other devices. Unlike their general-purpose counterparts, embedded systems are designed for specialized use cases, resulting…

Cryptography and Security · Computer Science 2025-09-18 Moritz Bley , Tobias Scharnowski , Simon Wörner , Moritz Schloegel , Thorsten Holz

In this paper we show E-FuzzEdge, a novel fuzzing architecture targeted towards improving the throughput of fuzzing campaigns in contexts where scalability is unavailable. E-FuzzEdge addresses the inefficiencies of hardware-in-the-loop…

Cryptography and Security · Computer Science 2025-10-03 Davide Rusconi , Osama Yousef , Mirco Picca , Flavio Toffalini , Andrea Lanzi

Greybox fuzzing is a proven and effective testing method for the detection of security vulnerabilities and other bugs in modern software systems. Greybox fuzzing can also be used in combination with a sanitizer, such as AddressSanitizer…

Cryptography and Security · Computer Science 2022-09-07 Jinsheng Ba , Gregory J. Duck , Abhik Roychoudhury

The lack of authentication during the initial bootstrapping phase between cellular devices and base stations allows attackers to deploy fake base stations and send malicious messages to the devices. These attacks have been a long-existing…

Cryptography and Security · Computer Science 2025-02-10 Yilu Dong , Rouzbeh Behnia , Attila A. Yavuz , Syed Rafiul Hussain

Fuzzing -- testing programs with random inputs -- has become the prime technique to detect bugs and vulnerabilities in programs. To generate inputs that cover new functionality, fuzzers require execution feedback from the program -- for…

Software Engineering · Computer Science 2020-12-29 Rahul Gopinath , Bachir Bendrissou , Björn Mathis , Andreas Zeller

Exponential growth in embedded systems is driving the research imperative to develop fuzzers to automate firmware testing to uncover software bugs and security vulnerabilities. But, employing fuzzing techniques in this context present a…

Cryptography and Security · Computer Science 2023-01-18 Guy Farrelly , Michael Chesser , Damith C. Ranasinghe

Fuzzing is widely used for software vulnerability detection. There are various kinds of fuzzers with different fuzzing strategies, and most of them perform well on their targets. However, in industry practice and empirical study, the…

Software Engineering · Computer Science 2019-05-07 Yuanliang Chen , Yu Jiang , Fuchen Ma , Jie Liang , Mingzhe Wang , Chijin Zhou , Zhuo Su , Xun Jiao

Gray-box fuzzing is widely used for testing embedded systems (ESes). State-of-the-art (SOTA) gray-box fuzzers test ES firmware in fully emulated environments without real peripherals. They emulate missing peripherals to achieve decent code…

Cryptography and Security · Computer Science 2025-04-21 Wei-Lun Huang , Kang G. Shin

In recent years, fuzz testing has benefited from increased computational power and important algorithmic advances, leading to systems that have discovered many critical bugs and vulnerabilities in production software. Despite these…

Cryptography and Security · Computer Science 2022-05-31 Anastasios Andronidis , Cristian Cadar

In modern mobile devices, baseband is an integral component running on top of cellular processors to handle crucial radio communications. However, recent research reveals significant vulnerabilities in these basebands, posing serious…

Cryptography and Security · Computer Science 2024-09-04 Wenqiang Li , Haohuang Wen , Zhiqiang Lin

Fuzzing is one of the most popular and widely used techniques to find vulnerabilities in any application. Fuzzers are fast enough, but they still spend a good portion of time to restart a crashed application and then fuzz it from the…

Cryptography and Security · Computer Science 2021-12-21 Prashant Singh Chouhan , Gregory Price , Gene Cooperman

Fuzzing is utilized for testing software and systems for cybersecurity risk via the automated adaptation of inputs. It facilitates the identification of software bugs and misconfigurations that may create vulnerabilities, cause abnormal…

Cryptography and Security · Computer Science 2023-06-08 Jack Hance , Jeremy Straub

Processor designs rely on iterative modifications and reuse well-established designs. However, this reuse of prior designs also leads to similar vulnerabilities across multiple processors. As processors grow increasingly complex with…

Cryptography and Security · Computer Science 2025-12-09 Chen Chen , Zaiyan Xu , Mohamadreza Rostami , David Liu , Dileep Kalathil , Ahmad-Reza Sadeghi , Jeyavijayan Rajendran

Fuzzing is a popular vulnerability automated testing method utilized by professionals and broader community alike. However, despite its abilities, fuzzing is a time-consuming, computationally expensive process. This is problematic for the…

Software Engineering · Computer Science 2023-07-25 Michael Wang , Michael Robinson

Vulnerable software represents a tremendous threat to modern information systems. Vulnerabilities in widespread applications may be used to spread malware, steal money and conduct target attacks. To address this problem, developers and…

Cryptography and Security · Computer Science 2018-07-06 Maksim Shudrak , Vyacheslav Zolotarev

Securing operating system (OS) kernel is one central challenge in today's cyber security landscape. The cutting-edge testing technique of OS kernel is software fuzz testing. By mutating the program inputs with random variations for…

Cryptography and Security · Computer Science 2023-10-05 Wei Chen , Huaijin Wang , Weixi Gu , Shuai Wang

Trusted Execution Environments (TEEs) embedded in IoT devices provide a deployable solution to secure IoT applications at the hardware level. By design, in TEEs, the Trusted Operating System (Trusted OS) is the primary component. It enables…

Cryptography and Security · Computer Science 2023-09-27 Qinying Wang , Boyu Chang , Shouling Ji , Yuan Tian , Xuhong Zhang , Binbin Zhao , Gaoning Pan , Chenyang Lyu , Mathias Payer , Wenhai Wang , Raheem Beyah

Fuzzing is a security testing methodology effective in finding bugs. In a nutshell, a fuzzer sends multiple slightly malformed messages to the software under test, hoping for crashes or weird system behaviour. The methodology is relatively…

Cryptography and Security · Computer Science 2023-01-09 Cristian Daniele , Seyed Behnam Andarzian , Erik Poll