Optimizing IoT Web Fuzzing by Firmware Infomation Mining
IoT web fuzzing is an effective way to detect security flaws in IoT devices. However, without enough information of the tested targets, IoT web fuzzing is often blind and inefficient. In this paper, we propose to use static analysis to assist IoT web fuzzing. Our insight is that plenty of useful inf...
Main Authors: | Yifei Gao, Xu Zhou, Wei Xie, Baosheng Wang, Enze Wang, Zhenhua Wang |
---|---|
Format: | Article |
Language: | English |
Published: | MDPI AG, 2022-06-01 |
Series: | Applied Sciences |
Subjects: | IoT, firmware, fuzzing, static analysis, vulnerability |
Online Access: | https://www.mdpi.com/2076-3417/12/13/6429 |
_version_ | 1797480997145542656 |
---|---|
author | Yifei Gao, Xu Zhou, Wei Xie, Baosheng Wang, Enze Wang, Zhenhua Wang |
author_facet | Yifei Gao, Xu Zhou, Wei Xie, Baosheng Wang, Enze Wang, Zhenhua Wang |
author_sort | Yifei Gao |
collection | DOAJ |
description | IoT web fuzzing is an effective way to detect security flaws in IoT devices. However, without enough information of the tested targets, IoT web fuzzing is often blind and inefficient. In this paper, we propose to use static analysis to assist IoT web fuzzing. Our insight is that plenty of useful information is hidden in firmwares, which can be mined by static analysis and used to guide the subsequent dynamic analysis—fuzzing. Hence, our approach contains two stages: pre-fuzzing stage and fuzzing stage. In the pre-fuzzing stage, we perform static analysis on the IoT firmwares to exploit helpful information, such as web page paths, interfaces, and shared keywords. These kinds of information are used to construct diverse seeds for covering more web paths and interfaces, and are also used to prioritize seeds according to their importance (related to shared keywords) in the fuzzing stage. Based on this approach, we implement a prototype IoT web fuzzing system—IoTParser. Experiments show that IoTParser increased the vulnerability discovery capability by 44% on average, while increasing the vulnerability discovery efficiency by 48.2% on average compared with state-of-the-art IoT web fuzzer. In addition, IoTParser has found 13 vulnerabilities, including 7 0-day. |
first_indexed | 2024-03-09T22:08:09Z |
format | Article |
id | doaj.art-1c64cd4262084f1fa5c841c07fe9d778 |
institution | Directory Open Access Journal |
issn | 2076-3417 |
language | English |
last_indexed | 2024-03-09T22:08:09Z |
publishDate | 2022-06-01 |
publisher | MDPI AG |
record_format | Article |
series | Applied Sciences |
spelling | doaj.art-1c64cd4262084f1fa5c841c07fe9d778; 2023-11-23T19:36:31Z; eng; MDPI AG; Applied Sciences; 2076-3417; 2022-06-01; vol. 12, no. 13, art. 6429; 10.3390/app12136429; Optimizing IoT Web Fuzzing by Firmware Infomation Mining; Yifei Gao, Xu Zhou, Wei Xie, Baosheng Wang, Enze Wang, Zhenhua Wang (College of Computer, National University of Defense Technology, Changsha 410073, China); https://www.mdpi.com/2076-3417/12/13/6429; IoT, firmware, fuzzing, static analysis, vulnerability |
title | Optimizing IoT Web Fuzzing by Firmware Infomation Mining |
topic | IoT, firmware, fuzzing, static analysis, vulnerability |
url | https://www.mdpi.com/2076-3417/12/13/6429 |