Fuzzing of Embedded Systems: A Survey-Reference-Cited by-同舟云学术

Fuzzing of Embedded Systems: A Survey

Published:2022-12-15 Issue:7 Volume:55 Page:1-33
ISSN:0360-0300
Container-title:ACM Computing Surveys
language:en
Short-container-title:ACM Comput. Surv.

Author:

Yun Joobeom¹^ORCID,Rustamov Fayozbek¹^ORCID,Kim Juhwan¹^ORCID,Shin Youngjoo²^ORCID

Affiliation:

1. Sejong University, Gwangjin-gu, Seoul, Republic of Korea

2. Korea University, Seongbuk-gu, Seoul, Republic of Korea

Abstract

Security attacks abuse software vulnerabilities of IoT devices; hence, detecting and eliminating these vulnerabilities immediately are crucial. Fuzzing is an efficient method to identify vulnerabilities automatically, and many publications have been released to date. However, fuzzing for embedded systems has not been studied extensively owing to various obstacles, such as multi-architecture support, crash detection difficulties, and limited resources. Thus, the article introduces fuzzing techniques for embedded systems and the fuzzing differences for desktop and embedded systems. Further, we collect state-of-the-art technologies, discuss their advantages and disadvantages, and classify embedded system fuzzing tools. Finally, future directions for fuzzing research of embedded systems are predicted and discussed.

Funder

Ministry of Science and ICT (MSIT), South Korea

Information Technology Research Center

Institute for Information and Communications Technology Planning and Evaluation

National Research Foundation of Korea

Ministry of Education

Publisher

Association for Computing Machinery (ACM)

Subject

General Computer Science,Theoretical Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/3538644

Reference147 articles.

1. Yousra Aafer, Wei You, Yi Sun, Yu Shi, Xiangyu Zhang, and Heng Yin. 2021. Android SmartTVs Vulnerability discovery via \(Log-Guided\) fuzzing. In 30th USENIX Security Symposium (USENIX Security’21). 2759–2776.

2. Amazon. [n.d.]. Amazon Prime Air. Retrieved February 1 2022 from https://www.amazon.com/Amazon-Prime-Air/b?ie=UTF8&node=8037720011.

3. Amazon. [n.d.]. Google X-wing. Retrieved February 1 2022 from http:https://x.company/projects/wing/.

4. TinyOS-New Trends, Comparative Views, and Supported Sensing Applications: A Review

5. Erik Andersen. [n.d.]. uClibc. Retrieved June 10 2020 from https://www.uclibc.org/.

Cited by 22 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. StructuredFuzzer: Fuzzing Structured Text-Based Control Logic Applications;Electronics;2024-06-25

2. TWFuzz: Fuzzing Embedded Systems with Three Wires;Proceedings of the 25th ACM SIGPLAN/SIGBED International Conference on Languages, Compilers, and Tools for Embedded Systems;2024-06-20

3. Automatically Inspecting Thousands of Static Bug Warnings with Large Language Model: How Far Are We?;ACM Transactions on Knowledge Discovery from Data;2024-06-19

4. LLMIF: Augmented Large Language Model for Fuzzing IoT Devices;2024 IEEE Symposium on Security and Privacy (SP);2024-05-19

5. DCGFuzz: An Embedded Firmware Security Analysis Method with Dynamically Co-Directional Guidance Fuzzing;Electronics;2024-04-10