Fuzzability Testing Framework for Incomplete Firmware Binary

Jiwon Jang, Gyeongjin Son, Hyeonsu Lee, Heesun Yun, Deokjin Kim, Sangwook Lee, Seongmin Kim, Daehee Jang

Research output: Contribution to journal › Article › peer-review

1 Citation (Scopus)

Abstract

Fuzzing is a practical approach for finding bugs in various software. So far, a number of fuzzers have been introduced based on new ideas for enhancing efficiency in terms of increasing code coverage or execution speed. The majority of such work is predicated on the assumption that a sound executable binary or source code is available, so that the target program can be transformed as a whole. However, in legacy systems, source code is often unavailable and, even worse, some binaries do not provide a sound executable environment (e.g., partially recovered firmware). In this paper, we present FT-Framework, a fuzzability testing framework based on forced execution for binaries such as firmware chunks recovered in an abnormal way, which are therefore hard to execute or analyze from the intended boot phase. The essence of our work is to automatically classify the functions inside a binary to which we can apply coverage-guided fuzzing via forced execution. We evaluate FT-Framework using PX4 and ArduPilot firmware, which are based on the 32-bit ARM architecture, and demonstrate both the efficacy and the limitations of this approach.

Original language: English
Pages (from-to): 77608-77619
Number of pages: 12
Journal: IEEE Access
Volume: 11
DOIs
Publication status: Published - 2023

Bibliographical note

Publisher Copyright:
© 2013 IEEE.

Keywords

  • Fuzzability
  • binary fragment
  • coverage-guided fuzzing
  • emulation based fuzzing
  • firmware binary
  • fuzzable function

