Research area: Analysis
Venue: 2024 6th International Conference on Frontier Technologies of Information and Computer (ICFTIC)
Fuzzing is one of the most effective methods for detecting vulnerabilities and has been widely applied in the security assessment of network protocols, leading to numerous research advancements. However, when fuzz testing network protocols embedded in IoT device firmware, challenges such as inefficient test case generation, environment dependency, and low fault detection rates often hinder the process. In this paper, we introduce IOTStateFuzz, a greybox fuzzer specifically designed for stateful protocols in IoT devices. Built on firmware emulation, IOTStateFuzz combines automatic state model inference with coverage-guided fuzzing to overcome the inefficiencies associated with fuzz testing stateful protocols in IoT firmware. We evaluated IOTStateFuzz on several real-world protocols, and the results show that it outperforms the blackbox fuzzer boofuzz, achieving an average increase in branch coverage, statement coverage, and state coverage of 60%, 55%, and 64%, respectively.
| Publication year | 2024 |
|---|---|
| Citations | 70 |
| Country of publication | Andorra, China |
| Site | IEEE |
| Likes | 0 |