Recent research has sought to improve fuzzing performance via parallel computing. However, researchers focus on improving efficiency while ignoring the increasing cost of testing resources. Parallel in distributed environment amplifies resource-wasting problem caused by random nature fuzzing. In mode, owing lack an appropriate task dispatching scheme and timely status synchronization among diff...

Fuzz testing, or fuzzing, has become one of the de facto standard techniques for bug finding in software industry. In general, fuzzing provides various inputs to target program with goal discovering un-handled exceptions and crashes. business sectors where time budget is limited, vendors often launch many instances parallel as a common means increasing code coverage. However, most popular tools...

As the core technology of next-generation air transportation systems, Automatic Dependent Surveillance-Broadcast (ADS-B) is becoming very popular. However, many (if not most) ADS-B devices and implementations support rely on Garmin’s Datalink 90 (GDL-90) protocol for data exchange encapsulation. This makes it essential to investigate integrity GDL-90 especially against attacks subsystem availab...

Abstract Trusted execution environments (TEE) are deployed on many platforms to provide both confidentiality and integrity, their extensive use offers a secure environment for privacy-sensitive operations. Despite TEE prevalence in the smartphone tablet market, vulnerability research into security is relatively rare. This is, part, due strong isolation guarantees provided by its implementation....

Abstract Mutation-based greybox fuzzing has been one of the most prevalent techniques for security vulnerability discovery and a great deal research work proposed to improve both its efficiency effectiveness. generates input cases by mutating seed, i.e., applying sequence mutation operators randomly selected positions seed. However, existing fruitful focuses on scheduling operators, leaving sch...

Abstract FuSeBMC is a test generator for finding security vulnerabilities in C programs. In Test-Comp 2021, we described previous version that incrementally injected labels to guide Bounded Model Checking (BMC) and Evolutionary Fuzzing engines produce cases code coverage bug finding. This paper introduces an improved of utilizes both smart seeds. First, the run with short time limit on lightly ...

High scalability and low operating cost make black-box protocol fuzzing a vital tool for discovering vulnerabilities in the firmware of IoT smart devices. However, it is still challenging to compare fuzzers due lack unified benchmark images, complete mutation seeds, comprehensive performance metrics, standardized evaluation framework. In this paper, we design implement IoTFuzzBench, scalable, m...

We introduce a new method for triggering vulnerabilities in deep layers of binary executables and facilitate their exploitation. In our approach we combine dynamic symbolic execution with fuzzing techniques. To maximize both the execution path depth and the degree of freedom in input parameters for exploitation, we define a novel method to assign probabilities to program paths. Based on this pr...

The CAN (Controller Area Network) protocol is widely adopted for in-vehicle networks due to its cost efficiency and reliable transmission. However, despite popularity, the lacks built-in security mechanisms, making it vulnerable attacks such as flooding, fuzzing, DoS. These can exploit vulnerabilities disrupt expected behavior of network. One main reasons these concerns that relies on broadcast...

We propose a framework for designing a security tool that can take advantages from current approaches while increasing precision, scalability and debuggability. This could enable software developers to conduct comprehensive security testing automatically. The approaches we utilise are static, dynamic and taint analysis along with fuzzing. The rationale behind this is that the complexity of toda...