ATFuzzer: Dynamic Analysis Framework of at Interface for Android Smartphones

Imtiaz Karim, Fabrizio Cicala, Syed Rafiul Hussain, Omar Chowdhury, Elisa Bertino

Research output: Contribution to journalArticlepeer-review

2 Scopus citations


Application processors of modern smartphones use the AT interface for issuing high-level commands (or AT-commands) to the baseband processor for performing cellular network operations (e.g., placing a phone call). Vulnerabilities in this interface can be leveraged by malicious USB or Bluetooth peripherals to launch pernicious attacks. In this article, we propose ATFuzzer, which uses a grammar-guided evolutionary fuzzing approach that mutates production rules of the AT-command grammar instead of concrete AT commands to evaluate the correctness and robustness of the AT-command execution process. To automate each step of the analysis pipeline, ATFuzzer first takes as input the 3GPP and other vendor-specific standard documents and, following several heuristics, automatically extracts the seed AT command grammars for the fuzzer. ATFuzzer uses the seed to generate both valid and invalid grammars, following our cross-over and mutation strategies to evaluate both the integrity and execution of AT-commands. Empirical evaluation of ATFuzzer on 10 Android smartphones from 6 vendors revealed 4 invalid AT command grammars over Bluetooth and 14 over USB with implications ranging from DoS, downgrade of cellular protocol version, to severe privacy leaks. The vulnerabilities along with the invalid AT-command grammars were responsibly disclosed to affected vendors and assigned CVE's.

Original languageEnglish (US)
Article number23
JournalDigital Threats: Research and Practice
Issue number4
StatePublished - Dec 2020

All Science Journal Classification (ASJC) codes

  • Software
  • Information Systems
  • Safety Research
  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications


Dive into the research topics of 'ATFuzzer: Dynamic Analysis Framework of at Interface for Android Smartphones'. Together they form a unique fingerprint.

Cite this