UCRF: static analyzing firmware to generate under-constrained seed for fuzzing SOHO router

UCRF: static analyzing firmware to generate under-constrained seed for fuzzing SOHO router

SOHO (small office and home office) routers are the key elements of the IoT, providing network services for various smart devices. Recent years have seen increased attacks targeting SOHO routers’ web applications. Numerous vulnerabilities are introduced in the process that web servers receive and ha...

Full description

Saved in:

Bibliographic Details
Main Authors:	Qin, Chuan, Peng, Jiaqian, Liu, Puzhuo, Zheng, Yaowen, Cheng, Kai, Zhang, Weidong, Sun, Limin
Other Authors:	School of Computer Science and Engineering
Format:	Article
Language:	English
Published:	2023
Subjects:	Engineering::Computer science and engineering Binary Static Analysis Vulnerability Detection
Online Access:	https://hdl.handle.net/10356/172200
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Nanyang Technological University
Language:	English

Similar Items

Firmaster: Analysis Tool for Home Router Firmware
by: Vasaka Visoottiviseth, et al.
Published: (2019)

On-the-fly Android static analysis with applications in vulnerability discovery
by: WU, Daoyuan
Published: (2019)

Security slicing for auditing XML, XPath, and SQL injection vulnerabilities
by: THOME, Julian, et al.
Published: (2015)

Be sensitive and collaborative: Analyzing impact of coverage metrics in Greybox fuzzing
by: WANG, Jinghan, et al.
Published: (2019)

xFuzz: Machine learning guided cross-contract fuzzing
by: XUE, Yinxing, et al.
Published: (2024)

SoFi: Reflection-augmented fuzzing for JavaScript engines
by: HE, Xiaoyu, et al.
Published: (2021)

The behaviour of static torque and thrust due to tool wear in drilling
by: Mannan, M.A., et al.
Published: (2014)

Cerebro: Context-aware adaptive fuzzing for effective vulnerability detection
by: LI, Yuekang, et al.
Published: (2019)

MemLock: Memory usage guided fuzzing
by: WEN, Cheng, et al.
Published: (2020)

sFuzz: An efficient adaptive fuzzer for solidity smart contracts
by: NGUYEN, Tai D., et al.
Published: (2020)

Security slicing for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

ENHANCING DIRECTED SEARCH IN BLACK-BOX, GREY-BOX AND WHITE-BOX FUZZ TESTING
by: PHAM VAN THUAN
Published: (2017)

GA-based substructural identification with static measurements
by: MAK SWEE CHIANG
Published: (2010)

Predicting SQL injection and cross site scripting vulnerabilities through mining input sanitization patterns
by: SHAR, Lwin Khin, et al.
Published: (2013)

Quasi-static scheduling of communicating tasks
by: Darondeau, P., et al.
Published: (2013)

Static sling tensions in heavy lifts with doubled sling arrangement
by: Choo, Y.S., et al.
Published: (2014)

Planar constrained terminals over-the-cell router
by: Shew, P.W., et al.
Published: (2016)

JoanAudit: A tool for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

Mining SQL injection and cross site scripting vulnerabilities using hybrid program analysis
by: SHAR, Lwin Khin, et al.
Published: (2013)

Static saliency vs. Dynamic saliency: A comparative study
by: Nguyen, T.V., et al.
Published: (2014)

Smart Greybox Fuzzing
by: Pham, Van-Thuan, et al.
Published: (2023)

Crack monitoring and failure investigation on inkjet printed sandwich structures under quasi-static indentation test
by: Dikshit, Vishwesh, et al.
Published: (2018)

An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving
by: THOME, Julian, et al.
Published: (2018)

Radial point interpolation method for static and dynamic analysis of three-dimensional solids
by: HUANG HAITAO
Published: (2010)

Static Strength of Tubular X-joints with Chord Fully Infilled with High Strength Grout.
by: CHEN ZHUO
Published: (2011)

Disjunctive invariants for modular static analysis
by: POPEEA CORNELIU CHRISTIAN
Published: (2010)

Scalable ionic gelation synthesis of chitosan nanoparticles for drug delivery in static mixers
by: Dong, Y., et al.
Published: (2014)

Semi-automated verification of defense against SQL injection in web applications
by: LIU, Kaiping, et al.
Published: (2012)

Solid lipid nanoparticles: Continuous and potential large-scale nanoprecipitation production in static mixers
by: Dong, Y., et al.
Published: (2014)

Comparison and evaluation on Static Application Security Testing (SAST) tools for Java
by: LI, Kaixuan, et al.
Published: (2023)

Kapuso: Jessica Soho
by: Jusay, Patricia Anne A., et al.
Published: (2003)

SOHO AND THE CHANGING COMMUNITY
by: GAN XING YUN
Published: (2009)

Static Strength of Doubler Plate Reinforced X-joints Under In-Plane Bending
by: Choo, Y.S., et al.
Published: (2014)

Mining input sanitization patterns for predicting SQL injection and cross site scripting vulnerabilities
by: SHAR, Lwin Khin, et al.
Published: (2012)

Finding instrumentable locations for fuzzing via static binary analysis
by: Ng, Lyon Hong Kai
Published: (2022)

Finding instrumentable locations for fuzzing via static binary analysis
by: Ng, Li Jie
Published: (2022)

Finding instrumentable locations for fuzzing via static binary analysis
by: Ong, Kwang Wee
Published: (2023)

How to find actionable static analysis warnings: A case study with FindBugs
by: YEDIDA, Rahul, et al.
Published: (2023)

Quasi-static indentation and sound-absorbing properties of 3D printed sandwich core panels
by: Goh, Guo Dong, et al.
Published: (2022)

A local point interpolation method for static and dynamic analysis of thin beams
by: Gu, Y.T., et al.
Published: (2014)