Poster: Fuzzing IoT Firmware via Multi-Stage Message Generation
Proceedings of the 2019 ACM SIGSAC conference on computer and communications …, 2019•dl.acm.org
In this work, we present IoTHunter, the first grey-box fuzzer for fuzzing stateful protocols in IoT firmware. IoTHunter addresses the state scheduling problem with a multi-stage message generation mechanism driven by runtime monitoring of the IoT firmware. We evaluate IoTHunter on a set of real-world programs, and the results show that IoTHunter outperforms the black-box fuzzer boofuzz, with 2.2x, 2.0x, and 2.5x increases in function coverage, block coverage, and edge coverage, respectively. IoTHunter also found five new vulnerabilities in the firmware of the Mikrotik home router, which have been reported to the vendor.