PHI: Pseudo-HAL Identification for Scalable Firmware Fuzzing
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Jeong, Seyeon | - |
| dc.contributor.author | Hwang, Eunbi | - |
| dc.contributor.author | Cho, Yeongpil | - |
| dc.contributor.author | Kwon, Taekyoung | - |
| dc.date.accessioned | 2024-05-19T23:00:23Z | - |
| dc.date.available | 2024-05-19T23:00:23Z | - |
| dc.date.issued | 2024-03 | - |
| dc.identifier.issn | 0302-9743 | - |
| dc.identifier.issn | 1611-3349 | - |
| dc.identifier.uri | https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/194740 | - |
| dc.description.abstract | Firmware fuzzing aims to detect vulnerabilities in firmware by emulating peripherals at different levels: hardware, register, and function. HAL-Fuzz, which emulates peripherals through HAL function handling, is a remarkable firmware fuzzer. However, its effectiveness is confined to firmware solely relying on HAL functions, and it necessitates intricate firmware information for best outcomes, thereby limiting its target firmware range. Notably, in commercial firmware, both HAL and non-HAL (which we call “pseudo-HAL”) functions are prevalent. Identifying and addressing both is crucial for comprehensive peripheral control in fuzzing. In this paper, we present PHI, a tool designed to identify HAL and pseudo-HAL functions at the register-level. Using PHI, we develop PHI-Fuzz, an enhanced firmware fuzzer operating at the function-level. This fuzzer efficiently manages HAL and pseudo-HAL functions, demanding minimal prior knowledge yet delivering substantial results. Our evaluation demonstrates that PHI identifies HAL functions accessing the MMIO range as effectively as LibMatch of HAL-Fuzz, while overcoming its constraints in detecting pseudo-HAL functions. Significantly, when benchmarked against HAL-Fuzz, PHI-Fuzz showcases superior bug-finding capabilities, uncovering crashes that HAL-Fuzz missed. | - |
| dc.format.extent | 21 | - |
| dc.language | English | - |
| dc.language.iso | ENG | - |
| dc.publisher | Springer Verlag | - |
| dc.title | PHI: Pseudo-HAL Identification for Scalable Firmware Fuzzing | - |
| dc.type | Article | - |
| dc.publisher.location | United States | - |
| dc.identifier.doi | 10.1007/978-981-97-1238-0_4 | - |
| dc.identifier.scopusid | 2-s2.0-85189303246 | - |
| dc.identifier.wosid | 001209294600004 | - |
| dc.identifier.bibliographicCitation | Lecture Notes in Computer Science, v.14562 LNCS, pp 60 - 80 | - |
| dc.citation.title | Lecture Notes in Computer Science | - |
| dc.citation.volume | 14562 LNCS | - |
| dc.citation.startPage | 60 | - |
| dc.citation.endPage | 80 | - |
| dc.type.docType | Proceedings Paper | - |
| dc.description.isOpenAccess | N | - |
| dc.description.journalRegisteredClass | scopus | - |
| dc.relation.journalResearchArea | Computer Science | - |
| dc.relation.journalResearchArea | Mathematics | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Theory & Methods | - |
| dc.relation.journalWebOfScienceCategory | Mathematics, Applied | - |
| dc.subject.keywordPlus | Bug finding | - |
| dc.subject.keywordPlus | Functions level | - |
| dc.subject.keywordPlus | Fuzzing | - |
| dc.subject.keywordPlus | Hardware Abstraction Layers | - |
| dc.subject.keywordPlus | Peripheral control | - |
| dc.subject.keywordPlus | Prior-knowledge | - |
| dc.subject.keywordPlus | Security | - |
| dc.subject.keywordAuthor | Firmware | - |
| dc.subject.keywordAuthor | Fuzzing | - |
| dc.subject.keywordAuthor | Hardware Abstraction Layer | - |
| dc.subject.keywordAuthor | Security | - |
| dc.identifier.url | https://link.springer.com/chapter/10.1007/978-981-97-1238-0_4 | - |
