@inproceedings{grammarinator, author = {Ren{\'{a}}ta Hodov{\'{a}}n and {\'{A}}kos Kiss and Tibor Gyim{\'{o}}thy}, editor = {Wishnu Prasetya and Tanja E. J. Vos and Sinem Getir}, title = {Grammarinator: a grammar-based open source fuzzer}, booktitle = {Proceedings of the 9th {ACM} {SIGSOFT} International Workshop on Automating {TEST} Case Design, Selection, and Evaluation, A-TEST@ESEC/SIGSOFT {FSE} 2018, Lake Buena Vista, FL, USA, November 05, 2018}, pages = {45--48}, publisher = {{ACM}}, year = {2018}, url = {https://doi.org/10.1145/3278186.3278193}, doi = {10.1145/3278186.3278193}, timestamp = {Wed, 09 Jan 2019 17:56:06 +0100}, biburl = {https://dblp.org/rec/conf/sigsoft/Hodovan0G18.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @inproceedings{modelfuzz, author = {Pham, Van-Thuan and B\"{o}hme, Marcel and Roychoudhury, Abhik}, title = {Model-Based Whitebox Fuzzing for Program Binaries}, year = {2016}, isbn = {9781450338455}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/2970276.2970316}, doi = {10.1145/2970276.2970316}, booktitle = {Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering}, pages = {543–553}, numpages = {11}, keywords = {Program Binaries, Symbolic Execution}, location = {Singapore, Singapore}, series = {ASE 2016} } @article{hung2017leading, title={Leading the IoT Gartner Insight on How to Lead in a Cnnected World}, author={Hung, Mark}, journal={Gartner Research}, volume={1}, pages={1--5}, year={2017} } @incollection{mcmillen2015security, title={Security attacks on industrial control systems}, author={McMillen, David}, booktitle={Technical Report}, year={2015}, publisher={IBM} } @online{posey2021iot, author = {Posey, Brien}, title = {IoT devices}, year = 2021, url = {https://web.archive.org/web/20210520072243/https://internetofthingsagenda.techtarget.com/definition/IoT-device}, urldate = {2021-05-20} } @online{xss, author = {The OWASP Foundation}, title = {Cross Site Scripting (XSS) Software Attack | OWASP}, year = 2021, url = {https://web.archive.org/web/20210615012447/https://owasp.org/www-community/attacks/xss/}, urldate = {2021-06-15} } @online{OWASP2021Fuzzing, author = {The OWASP Foundation}, title = {Fuzzing | OWASP}, year = 2021, url = {https://web.archive.org/web/20210414111843/https://owasp.org/www-community/Fuzzing}, urldate = {2021-04-14} } @inproceedings{iothunter, author = {Bo Yu and Pengfei Wang and Tai Yue and Yong Tang}, editor = {Lorenzo Cavallaro and Johannes Kinder and XiaoFeng Wang and Jonathan Katz}, title = {Poster: Fuzzing IoT Firmware via Multi-stage Message Generation}, booktitle = {Proceedings of the 2019 {ACM} {SIGSAC} Conference on Computer and Communications Security, {CCS} 2019, London, UK, November 11-15, 2019}, pages = {2525--2527}, publisher = {{ACM}}, year = {2019}, url = {https://doi.org/10.1145/3319535.3363247}, doi = {10.1145/3319535.3363247}, timestamp = {Tue, 10 Nov 2020 20:00:54 +0100}, biburl = {https://dblp.org/rec/conf/ccs/YuWYT19.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @article{hfuzz, author = {Xinyao Liu and Baojiang Cui and Junsong Fu and Jinxin Ma}, title = {HFuzz: Towards automatic fuzzing testing of NB-IoT core network protocols implementations}, journal = {Future Gener. Comput. Syst.}, volume = {108}, pages = {390--400}, year = {2020}, url = {https://doi.org/10.1016/j.future.2019.12.032}, doi = {10.1016/j.future.2019.12.032}, timestamp = {Mon, 18 May 2020 17:42:49 +0200}, biburl = {https://dblp.org/rec/journals/fgcs/LiuCFM20.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @article{siotfuzzer, title={SIoTFuzzer: Fuzzing Web Interface in IoT Firmware via Stateful Message Generation}, author={Zhang, Hangwei and Lu, Kai and Zhou, Xu and Yin, Qidi and Wang, Pengfei and Yue, Tai}, journal={Applied Sciences}, volume={11}, number={7}, pages={3120}, year={2021}, publisher={Multidisciplinary Digital Publishing Institute} } @inproceedings{diane, title={DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices}, author={Redini, Nilo and Continella, Andrea and Das, Dipanjan and De Pasquale, Giulio and Spahn, Noah and Machiry, Aravind and Bianchi, Antonio and Kruegel, Christopher and Vigna, Giovanni}, booktitle={42nd IEEE Symposium on Security and Privacy 2021}, year={2021} } @inproceedings{firmfuzz, author = {Prashast Srivastava and Hui Peng and Jiahao Li and Hamed Okhravi and Howard E. Shrobe and Mathias Payer}, editor = {Peng Liu and Yuqing Zhang}, title = {FirmFuzz: Automated IoT Firmware Introspection and Analysis}, booktitle = {Proceedings of the 2nd International {ACM} Workshop on Security and Privacy for the Internet-of-Things, IoT S{\&}P@CCS 2019, London, UK, November 15, 2019}, pages = {15--21}, publisher = {{ACM}}, year = {2019}, url = {https://doi.org/10.1145/3338507.3358616}, doi = {10.1145/3338507.3358616}, timestamp = {Tue, 10 Nov 2020 16:06:16 +0100}, biburl = {https://dblp.org/rec/conf/ccs/SrivastavaPLOSP19.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @inproceedings{mulbin, author = {Nilo Redini and Aravind Machiry and Ruoyu Wang and Chad Spensky and Andrea Continella and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, title = {Karonte: Detecting Insecure Multi-binary Interactions in Embedded Firmware}, booktitle = {2020 {IEEE} Symposium on Security and Privacy, {SP} 2020, San Francisco, CA, USA, May 18-21, 2020}, pages = {1544--1561}, publisher = {{IEEE}}, year = {2020}, url = {https://doi.org/10.1109/SP40000.2020.00036}, doi = {10.1109/SP40000.2020.00036}, timestamp = {Thu, 20 Aug 2020 17:04:50 +0200}, biburl = {https://dblp.org/rec/conf/sp/RediniM0SCSKV20.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @article{lowendos, author = {Oliver Hahm and Emmanuel Baccelli and Hauke Petersen and Nicolas Tsiftes}, title = {Operating Systems for Low-End Devices in the Internet of Things: {A} Survey}, journal = {{IEEE} Internet Things J.}, volume = {3}, number = {5}, pages = {720--734}, year = {2016}, url = {https://doi.org/10.1109/JIOT.2015.2505901}, doi = {10.1109/JIOT.2015.2505901}, timestamp = {Mon, 08 Jun 2020 22:23:02 +0200}, biburl = {https://dblp.org/rec/journals/iotj/HahmBPT16.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @article{snipuzz, author = {Xiaotao Feng and Ruoxi Sun and Xiaogang Zhu and Minhui Xue and Sheng Wen and Dongxi Liu and Surya Nepal and Yang Xiang}, title = {Snipuzz: Black-box Fuzzing of IoT Firmware via Message Snippet Inference}, journal = {CoRR}, volume = {abs/2105.05445}, year = {2021}, url = {https://arxiv.org/abs/2105.05445}, archivePrefix = {arXiv}, eprint = {2105.05445}, timestamp = {Mon, 31 May 2021 08:26:46 +0200}, biburl = {https://dblp.org/rec/journals/corr/abs-2105-05445.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @inproceedings{firmafl, author = {Yaowen Zheng and Ali Davanian and Heng Yin and Chengyu Song and Hongsong Zhu and Limin Sun}, editor = {Nadia Heninger and Patrick Traynor}, title = {{FIRM-AFL:} High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation}, booktitle = {28th {USENIX} Security Symposium, {USENIX} Security 2019, Santa Clara, CA, USA, August 14-16, 2019}, pages = {1099--1114}, publisher = {{USENIX} Association}, year = {2019}, url = {https://www.usenix.org/conference/usenixsecurity19/presentation/zheng}, timestamp = {Mon, 01 Feb 2021 08:43:20 +0100}, biburl = {https://dblp.org/rec/conf/uss/ZhengDYSZS19.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @inproceedings{largeanal, author = {Andrei Costin and Jonas Zaddach and Aur{\'{e}}lien Francillon and Davide Balzarotti}, editor = {Kevin Fu and Jaeyeon Jung}, title = {A Large-Scale Analysis of the Security of Embedded Firmwares}, booktitle = {Proceedings of the 23rd {USENIX} Security Symposium, San Diego, CA, USA, August 20-22, 2014}, pages = {95--110}, publisher = {{USENIX} Association}, year = {2014}, url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/costin}, timestamp = {Mon, 01 Feb 2021 08:43:17 +0100}, biburl = {https://dblp.org/rec/conf/uss/CostinZFB14.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @inproceedings{autodyn, author = {Andrei Costin and Apostolis Zarras and Aur{\'{e}}lien Francillon}, editor = {Xiaofeng Chen and XiaoFeng Wang and Xinyi Huang}, title = {Automated Dynamic Firmware Analysis at Scale: {A} Case Study on Embedded Web Interfaces}, booktitle = {Proceedings of the 11th {ACM} on Asia Conference on Computer and Communications Security, AsiaCCS 2016, Xi'an, China, May 30 - June 3, 2016}, pages = {437--448}, publisher = {{ACM}}, year = {2016}, url = {https://doi.org/10.1145/2897845.2897900}, doi = {10.1145/2897845.2897900}, timestamp = {Tue, 10 Nov 2020 16:06:16 +0100}, biburl = {https://dblp.org/rec/conf/ccs/CostinZF16.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @inproceedings{avatar, author = {Jonas Zaddach and Luca Bruno and Aur{\'{e}}lien Francillon and Davide Balzarotti}, title = {{AVATAR:} {A} Framework to Support Dynamic Security Analysis of Embedded Systems' Firmwares}, booktitle = {21st Annual Network and Distributed System Security Symposium, {NDSS} 2014, San Diego, California, USA, February 23-26, 2014}, publisher = {The Internet Society}, year = {2014}, url = {https://www.ndss-symposium.org/ndss2014/avatar-framework-support-dynamic-security-analysis-embedded-systems-firmwares}, timestamp = {Mon, 01 Feb 2021 08:42:18 +0100}, biburl = {https://dblp.org/rec/conf/ndss/ZaddachBFB14.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @article{firmcorn, author = {Zhijie Gui and Hui Shu and Fei Kang and Xiaobing Xiong}, title = {{FIRMCORN:} Vulnerability-Oriented Fuzzing of IoT Firmware via Optimized Virtual Execution}, journal = {{IEEE} Access}, volume = {8}, pages = {29826--29841}, year = {2020}, url = {https://doi.org/10.1109/ACCESS.2020.2973043}, doi = {10.1109/ACCESS.2020.2973043}, timestamp = {Tue, 03 Mar 2020 09:38:04 +0100}, biburl = {https://dblp.org/rec/journals/access/GuiSKX20.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @inproceedings{iotfuzzer, author = {Jiongyi Chen and Wenrui Diao and Qingchuan Zhao and Chaoshun Zuo and Zhiqiang Lin and XiaoFeng Wang and Wing Cheong Lau and Menghan Sun and Ronghai Yang and Kehuan Zhang}, title = {IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing}, booktitle = {25th Annual Network and Distributed System Security Symposium, {NDSS} 2018, San Diego, California, USA, February 18-21, 2018}, publisher = {The Internet Society}, year = {2018}, url = {http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/02/ndss2018\_01A-1\_Chen\_paper.pdf}, timestamp = {Thu, 09 Aug 2018 10:57:16 +0200}, biburl = {https://dblp.org/rec/conf/ndss/ChenDZZL0LSYZ18.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @article{wmifuzzer, author = {Dong Wang and Xiaosong Zhang and Ting Chen and Jingwei Li}, title = {Discovering Vulnerabilities in {COTS} IoT Devices through Blackbox Fuzzing Web Management Interface}, journal = {Secur. Commun. Networks}, volume = {2019}, pages = {5076324:1--5076324:19}, year = {2019}, url = {https://doi.org/10.1155/2019/5076324}, doi = {10.1155/2019/5076324}, timestamp = {Thu, 10 Sep 2020 14:41:04 +0200}, biburl = {https://dblp.org/rec/journals/scn/WangZCL19.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @Misc{aflpp, title = {American Fuzzy Lop plus plus}, howpublished = {\url{https://github.com/AFLplusplus/AFLplusplus}}, } @Misc{panda, title = {Panda}, howpublished = {\url{https://github.com/panda-re/panda}}, } @Misc{afl, title = {american fuzzy lob}, howpublished = {\url{https://github.com/google/AFL}}, } @Misc{xsstrike, title = {XSStrike}, howpublished = {\url{https://github.com/s0md3v/XSStrike}}, } @Misc{binwalk, title = {Binwalk}, howpublished = {\url{https://github.com/ReFirmLabs/binwalk}}, } @Misc{valgrind, title = {Valgrind}, howpublished = {\url{https://www.valgrind.org/}}, } @Misc{triforceafl, title = {TriforceAFL}, howpublished = {\url{https://github.com/nccgroup/TriforceAFL}}, } @Misc{fuzzdb, title = {FuzzDB}, howpublished = {\url{https://github.com/fuzzdb-project/fuzzdb}}, } @Misc{blons, title = {Big List of Naughty Strings}, howpublished = {\url{https://github.com/minimaxir/big-list-of-naughty-strings}}, } @Misc{radamsa, title = {radamsa}, howpublished = {\url{https://gitlab.com/akihe/radamsa}}, } @Misc{IDA, title = {IDA Pro}, howpublished = {\url{https://hex-rays.com/ida-pro/}}, } @Misc{boofuzz, title = {boofuzz}, howpublished = {\url{https://github.com/jtpereyda/boofuzz}}, } @inproceedings{firmup, author = {Yaniv David and Nimrod Partush and Eran Yahav}, editor = {Xipeng Shen and James Tuck and Ricardo Bianchini and Vivek Sarkar}, title = {FirmUp: Precise Static Detection of Common Vulnerabilities in Firmware}, booktitle = {Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems, {ASPLOS} 2018, Williamsburg, VA, USA, March 24-28, 2018}, pages = {392--404}, publisher = {{ACM}}, year = {2018}, url = {https://doi.org/10.1145/3173162.3177157}, doi = {10.1145/3173162.3177157}, timestamp = {Mon, 22 Mar 2021 16:55:03 +0100}, biburl = {https://dblp.org/rec/conf/asplos/DavidPY18.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @inproceedings{crash, author = {Marius Muench and Jan Stijohann and Frank Kargl and Aur{\'{e}}lien Francillon and Davide Balzarotti}, title = {What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices}, booktitle = {25th Annual Network and Distributed System Security Symposium, {NDSS} 2018, San Diego, California, USA, February 18-21, 2018}, publisher = {The Internet Society}, year = {2018}, url = {http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/02/ndss2018\_01A-4\_Muench\_paper.pdf}, timestamp = {Thu, 09 Aug 2018 10:57:16 +0200}, biburl = {https://dblp.org/rec/conf/ndss/MuenchSKFB18.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @inproceedings{tfuzz, author = {Hui Peng and Yan Shoshitaishvili and Mathias Payer}, title = {T-Fuzz: Fuzzing by Program Transformation}, booktitle = {2018 {IEEE} Symposium on Security and Privacy, {SP} 2018, Proceedings, 21-23 May 2018, San Francisco, California, {USA}}, pages = {697--710}, publisher = {{IEEE} Computer Society}, year = {2018}, url = {https://doi.org/10.1109/SP.2018.00056}, doi = {10.1109/SP.2018.00056}, timestamp = {Wed, 16 Oct 2019 14:14:51 +0200}, biburl = {https://dblp.org/rec/conf/sp/PengSP18.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @inproceedings{angora, author = {Peng Chen and Hao Chen}, title = {Angora: Efficient Fuzzing by Principled Search}, booktitle = {2018 {IEEE} Symposium on Security and Privacy, {SP} 2018, Proceedings, 21-23 May 2018, San Francisco, California, {USA}}, pages = {711--725}, publisher = {{IEEE} Computer Society}, year = {2018}, url = {https://doi.org/10.1109/SP.2018.00046}, doi = {10.1109/SP.2018.00046}, timestamp = {Wed, 16 Oct 2019 14:14:51 +0200}, biburl = {https://dblp.org/rec/conf/sp/ChenC18.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @inproceedings{karonte, author = {Nilo Redini and Aravind Machiry and Ruoyu Wang and Chad Spensky and Andrea Continella and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, title = {Karonte: Detecting Insecure Multi-binary Interactions in Embedded Firmware}, booktitle = {2020 {IEEE} Symposium on Security and Privacy, {SP} 2020, San Francisco, CA, USA, May 18-21, 2020}, pages = {1544--1561}, publisher = {{IEEE}}, year = {2020}, url = {https://doi.org/10.1109/SP40000.2020.00036}, doi = {10.1109/SP40000.2020.00036}, timestamp = {Thu, 20 Aug 2020 17:04:50 +0200}, biburl = {https://dblp.org/rec/conf/sp/RediniM0SCSKV20.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @inproceedings{vuzzer, author = {Sanjay Rawat and Vivek Jain and Ashish Kumar and Lucian Cojocar and Cristiano Giuffrida and Herbert Bos}, title = {VUzzer: Application-aware Evolutionary Fuzzing}, booktitle = {24th Annual Network and Distributed System Security Symposium, {NDSS} 2017, San Diego, California, USA, February 26 - March 1, 2017}, publisher = {The Internet Society}, year = {2017}, url = {https://www.ndss-symposium.org/ndss2017/ndss-2017-programme/vuzzer-application-aware-evolutionary-fuzzing/}, timestamp = {Mon, 01 Feb 2021 08:42:22 +0100}, biburl = {https://dblp.org/rec/conf/ndss/0001JKCGB17.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} } @article{compwbgbox, title={A comparative study of white box, black box and grey box testing techniques}, author={Khan, Mohd Ehmer and Khan, Farmeena and others}, journal={Int. J. Adv. Comput. Sci. Appl}, volume={3}, number={6}, year={2012}, publisher={Citeseer} }