Analysis of Fuzzing Techniques to Discover Vulnerabilities in the Firmware of Internet of Things Devices

Analysis of Fuzzing Techniques to Discover Vulnerabilities in the Firmware of Internet of Things Devices

연구 분야: Analysis

학회: 2024 9th International Engineering, Sciences and Technology Conference (IESTEC)

Implementing fuzzing to discover vulnerabilities in IoT devices is a field that is under active research. These devices are launched to market with many vulnerabilities, and fuzzing provides a way to detect them in an effective and efficient way. This research aims to identify the innovative techniques presented by these fuzzing methods. Current studies have focused on gray box fuzzers, since most are based on proven methods and tools. One of its disadvantages is that it relies on active access to the firmware binaries to emulate the device on a fuzzer control system. This access is not always possible due to commercial or technical restrictions. In these cases, black box fuzzers provide a functional alternative where access to these binaries is not available.