IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing
2023-7-19 12:43:44 Author: www.ndss-symposium.org(查看原文) 阅读量:9 收藏

The NDSS 2018 Program was constructed from the following list of accepted papers. The papers on the list are ordered by submission number, and some of the papers are subject to shepherding.

IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing

Jiongyi Chen, Wenrui Diao, Qingchuan Zhao, Chaoshun Zuo, Zhiqiang Lin, XiaoFeng Wang, Wing Cheong Lau, Menghan Sun, Ronghai Yang and Kehuan Zhang

Read More

Fear and Logging in the Internet of Things

Qi Wang, Wajih Ul Hassan, Adam Bates and Carl Gunter

Read More

Decentralized Action Integrity for Trigger-Action IoT Platforms

Earlence Fernandes, Amir Rahmati, Jaeyeon Jung and Atul Prakash 

Read More

What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices

Marius Muench, Jan Stijohann, Frank Kargl, Aurelien Francillon and Davide Balzarotti

Read More

Didn’t You Hear Me? – Towards More Successful Web Vulnerability Notifications

Ben Stock, Giancarlo Pellegrino, Frank Li, Michael Backes and Christian Rossow 

Read More

Exposing Congestion Attack on Emerging Connected Vehicle based Traffic Signal Control

Qi Alfred Chen, Yucheng Yin, Yiheng Feng, Z. Morley Mao and Henry X. Liu

Read More

Removing Secrets from Android’s TLS

Jaeho Lee and Dan S. Wallach

Read More

rtCaptcha: A Real-Time CAPTCHA Based Liveness Detection System

Erkam Uzun, Simon Pak Ho Chung, Irfan Essa and Wenke Lee

Read More

Automated Attack Discovery in TCP Congestion Control Using a Model-guided Approach

Samuel Jero, Endadul Hoque, David Choffnes, Alan Mislove and Cristina Nita-Rotaru

Read More

Preventing (Network) Time Travel with Chronos

Omer Deutsch, Neta Rozen Schiff, Danny Dolev and Michael Schapira

Read More

LTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE

Syed Rafiul Hussain, Omar Chowdhury, Shagufta Mehnaz and Elisa Bertino

Read More

GUTI Reallocation Demystified: Cellular Location Tracking with Changing Temporary Identifier.

Byeongdo Hong, Sangwook Bae and Yongdae Kim

Read More

Mind Your Keys? A Security Evaluation of Java Keystores

Riccardo Focardi, Francesco Palmarini, Marco Squarcina, Graham Steel and Mauro Tempesta

Read More

A Security Analysis of Honeywords

Ding Wang, Haibo Cheng, Ping Wang, Jeff Yan and Xinyi Huang

Read More

Revisiting Private Stream Aggregation: Lattice-Based PSA

Daniela Becker, Jorge Guajardo and Karl-Heinz Zimmermann

Read More

ZeroTrace : Oblivious Memory Primitives from Intel SGX

Sajin Sasy, Sergey Gorbunov and Christopher W. Fletcher

Read More

Automated Website Fingerprinting through Deep Learning

Vera Rimmer, Davy Preuveneers, Marc Juarez, Tom Van Goethem and Wouter Joosen 

Read More

VulDeePecker: A Deep Learning-Based System for Vulnerability Detection

Zhen Li, Deqing Zou, Shouhuai Xu, Xinyu Ou, Hai Jin, Sujuan Wang, Zhijun Deng and Yuyi Zhong

Read More

Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection

Yisroel Mirsky, Tomer Doitshman, Yuval Elovici and Asaf Shabtai

Read More

Feature Squeezing: Detecting Adversarial Examples in Deep Neural Networks

Weilin Xu, David Evans and Yanjun Qi

Read More

Trojaning Attack on Neural Networks

Yingqi Liu, Shiqing Ma, Yousra Aafer, Wen-Chuan Lee, Juan Zhai, Weihang Wang and Xiangyu Zhang 

Read More

Broken Fingers: On the Usage of the Fingerprint API in Android

Antonio Bianchi, Yanick Fratantonio, Aravind Machiry, Christopher Kruegel, Giovanni Vigna, Simon Pak Ho Chung and Wenke Lee

Read More

K-means++ vs. Behavioral Biometrics: One Loop to Rule Them All

Parimarjan Negi, Prafull Sharma, Vivek sanjay Jain and Bahman Bahmani

Read More

ABC: Enabling Smartphone Authentication with Built-in Camera

Zhongjie Ba, Sixu Piao, Xinwen Fu, Dimitrios Koutsonikolas, Aziz Mohaisen and Kui Ren

Read More

Device Pairing at the Touch of an Electrode

Marc Roeschlin, Ivan Martinovic and Kasper B. Rasmussen

Read More

Face Flashing: a Secure Liveness Detection Protocol based on Light Reflections

Di Tang, Zhe Zhou, Yinqian Zhang and Kehuan Zhang

Read More

A Large-scale Analysis of Content Modification by Open HTTP Proxies

Giorgos Tsirantonakis, Panagiotis Ilia, Sotiris Ioannidis, Elias Athanasopoulos and Michalis Polychronakis 

Read More

Measuring and Disrupting Anti-Adblockers Using Differential Execution Analysis

Shitong Zhu, Xunchao Hu, Zhiyun Qian, Zubair Shafiq and Heng Yin

Read More

Towards Measuring the Effectiveness of Telephony Blacklists

Sharbani Pandit, Roberto Perdisci, Mustaque Ahamad and Payas Gupta

Read More

Things You May Not Know About Android (Un)Packers: A Systematic Study based on Whole-System Emulation

Yue Duan, Mu Zhang, Abhishek Vasisht Bhaskar, Heng Yin, Xiaorui Pan, Tongxin Li, Xueqiang Wang and XiaoFeng Wang

Read More

KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks

Michael Schwarz, Moritz Lipp, Daniel Gruss, Samuel Weiser, Clementine Maurice, Raphael Spreitzer and Stefan Mangard

Read More

Securing Real-Time Microcontroller Systems through Customized Memory View Switching

Chung Hwan Kim, Taegyu Kim, Hongjun Choi, Zhongshu Gu, Byoungyoung Lee, Xiangyu Zhang and Dongyan Xu

Read More

Automated Generation of Event-Oriented Exploits in Android Hybrid Apps

Guangliang Yang, Jeff Huang and Guofei Gu

Read More

Tipped Off by Your Memory Allocator: Device-Wide User Activity Sequencing from Android Memory Images

Rohit Bhatia, Brendan Saltaformaggio, Seung Jei Yang, Aisha Ali-Gombe, Xiangyu Zhang, Dongyan Xu and Golden G. Richard III 

Read More

K-Miner: Uncovering Memory Corruption in Linux

David Gens, Simon Schmitt, Lucas Davi and Ahmad-Reza Sadeghi

Read More

CFIXX: Object Type Integrity for C++

Nathan Burow, Derrick McKee, Scott A. Carr and Mathias Payer 

Read More

Back To The Epilogue: Evading Control Flow Guard via Unaligned Targets

Andrea Biondo, Mauro Conti and Daniele Lain

Read More

Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics

Erick Bauman, Zhiqiang Lin and Kevin Hamlen

Read More

Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing

Wookhyun Han, Byunggill Joe, Byoungyoung Lee, Chengyu Song and Insik Shin

Read More

Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps

Yuhong Nan, Zhemin Yang, Xiaofeng Wang, Yuan Zhang, Donglai Zhu and Min Yang

Read More

Bug Fixes, Improvements, … and Privacy Leaks – A Longitudinal Study of PII Leaks Across Android App Versions

Jingjing Ren, Martina Lindorfer, Daniel J. Dubois, Ashwin Rao, David Choffnes and Narseo Vallina-Rodriguez

Read More

Apps, Trackers, Privacy, and Regulators: A Global Study of the Mobile Tracking Ecosystem

Abbas Razaghpanah, Rishab Nithyanand, Narseo Vallina-Rodriguez, Srikanth Sundaresan, Mark Allman, Christian Kreibich and Phillipa Gill 

Read More

OS-level Side Channels without Procfs: Exploring Cross-App Information Leakage on iOS

Xiaokuan Zhang, Xueqiang Wang, Xiaolong Bai, Yinqian Zhang and XiaoFeng Wang

Read More

Knock Knock, Who’s There? Membership Inference on Aggregate Location Data

Apostolos Pyrgelis, Carmela Troncoso and Emiliano De Cristofaro 

Read More

Reduced Cooling Redundancy: A New Security Vulnerability in a Hot Data Center

Xing Gao, Zhang Xu, Haining Wang, Li Li and Xiaorui Wang

Read More

OBLIVIATE: A Data Oblivious Filesystem for Intel SGX

Adil Ahmad, Kyungtae Kim, Muhammad Ihsanulhaq Sarfaraz and Byoungyoung Lee

Read More

Microarchitectural Minefields: 4K-Aliasing Covert Channel and Multi-Tenant Detection in Iaas Clouds

Dean Sullivan, Orlando Arias, Travis Meade and Yier Jin

Read More

Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates

Kevin Borgolte, Tobias Fiebig, Shuang Hao, Christopher Kruegel and Giovanni Vigna

Read More

Consensual and Privacy-Preserving Sharing of Multi-Subject and Interdependent Data

Alexandra-Mihaela Olteanu, Kevin Huguenin, Italo Dacosta and Jean-Pierre Hubaux

Read More

When Coding Style Survives Compilation: De-anonymizing Programmers from Executable Binaries

Aylin Caliskan, Fabian Yamaguchi, Edwin Dauber, Richard Harang, Konrad Rieck, Rachel Greenstadt and Arvind Narayanan

Read More

De-anonymization of Mobility Trajectories: Dissecting the Gaps between Theory and Practice

Huandong Wang, Chen Gao, Yong Li, Gang Wang, Depeng Jin and Jingbo Sun

Read More

Veil: Private Browsing Semantics Without Browser-side Assistance

Frank Wang, James Mickens and Nickolai Zeldovich

Read More

Game of Missuggestions: Semantic Analysis of Search-Autocomplete Manipulations

Peng Wang, Xianghang Mi, Xiaojing Liao, XiaoFeng Wang, Kan Yuan, Feng Qian and Raheem Beyah

Read More

SYNODE: Understanding and Automatically Preventing Injection Attacks on NODE.JS.

Cristian-Alexandru Staicu, Michael Pradel and Benjamin Livshits 

Read More

JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks

Michael Schwarz, Moritz Lipp and Daniel Gruss

Read More

Riding out DOMsday: Towards Detecting and Preventing DOM Cross-Site Scripting

William Melicher, Anupam Das, Mahmood Sharif, Lujo Bauer and Limin Jia 

Read More

Towards Scalable Cluster Auditing through Grammatical Inference over Provenance Graphs

Wajih Ul Hassan, Mark Lemay, Nuraini Aguse, Adam Bates and Thomas Moyer

Read More

MCI: Modeling-based Causality Inference in Audit Logging for Attack Investigation

Yonghwi Kwon, Fei Wang, Weihang Wang, Kyu Hyung Lee, Wen-Chuan Lee, Shiqing Ma, Xiangyu Zhang, Dongyan Xu, Somesh Jha, Gabriela Ciocarlie, Ashish Gehani and Vinod Yegneswaran

Read More

Towards a Timely Causality Analysis for Enterprise Security

Yushan Liu, Mu Zhang, Ding Li, Kangkook Jee, Zhichun Li, Zhenyu Wu, Junghwan Rhee and Prateek Mittal

Read More

JSgraph: Enabling Reconstruction of Web Attacks via Efficient Tracking of Live In-Browser JavaScript Executions

Bo Li, Phani Vadrevu, Kyu Hyung Lee and Roberto Perdisci 

Read More

AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection

Yousra Aafer, Jianjun Huang, Yi Sun, Xiangyu Zhang, Ninghui Li and Chen Tian

Read More

InstaGuard: Instantly Deployable Hot-patches for Vulnerable System Programs on Android

Yaohui Chen, Yuping Li, Long Lu, Yueh-Hsun Lin, Hayawardh Vijayakumar, Zhi Wang and Xinming Ou 

Read More

BreakApp: Automated, Flexible Application Compartmentalization

Nikos Vasilakis, Ben Karel, Nick Roessler, Nathan Dautenhahn, Andre DeHon and Jonathan M. Smith

Read More

Resolving the Predicament of Android Custom Permissions

Guliz Seray Tuncay, Soteris Demetriou, Karan Ganju and Carl A. Gunter

Read More

ZEUS: Analyzing Safety of Smart Contracts

Sukrit Kalra, Seep Goel, Mohan Dhawan and Subodh Sharma

Read More

Chainspace: A Sharded Smart Contracts Platform

Mustafa Al-Bassam, Alberto Sonnino, Shehar Bano, Dave Hrycyszyn and George Danezis

Read More

Settling Payments Fast and Private: Efficient Decentralized Routing for Path-Based Transactions

Stefanie Roos, Pedro Moreno-Sanchez, Aniket Kate and Ian Goldberg

Read More

TLS-N: Non-repudiation over TLS Enablign Ubiquitous Content Signing

Hubert Ritzdorf, Karl Wust, Arthur Gervais, Guillaume Felley and Srdjan Capkun

Read More

Investigating Ad Transparency Mechanisms in Social Media: A Case Study of Facebooks Explanations

Athanasios Andreou, Giridhari Venkatadri, Oana Goga, Krishna P. Gummadi, Patrick Loiseau and Alan Mislove 

Read More

Inside Job: Applying Traffic Analysis to Measure Tor from Within

Rob Jansen, Marc Juarez, Rafa Galvez, Tariq Elahi and Claudia Diaz

Read More

Smoke Screener or Straight Shooter: Detecting Elite Sybil Attacks in User-Review Social Networks

Haizhong Zheng, Minhui Xue, Hao Lu, Shuang Hao, Haojin Zhu, Xiaohui Liang and Keith Ross

Read More


文章来源: https://www.ndss-symposium.org/ndss2018/accepted-papers/#IoTFuzzer:%20Discovering%20Memory%20Corruptions%20in%20IoT%20Through%20App-based%20Fuzzing
如有侵权请联系:admin#unsafe.sh