Physical Devices-Agnostic Hybrid Fuzzing of IoT Firmware

Lingyun Situ, Chi Zhang, Le Guan, Zhiqiang Zuo, Linzhang Wang, Xuandong Li, Peng Liu, Jin Shi

Research output: Contribution to journalArticlepeer-review

Abstract

With the rapid expansion of the Internet of Things, a vast number of microcontroller-based (MCU) IoT devices are now susceptible to attacks through the Internet. Vulnerabilities within the firmware are one of the most important attack surfaces. Fuzzing has emerged as one of the most effective techniques for identifying such vulnerabilities. However, when applied to IoT firmware, several challenges arise, including: 1) the inability of firmware to execute properly in the absence of peripherals; 2) the lack of support for exploring input spaces of multiple peripherals; 3) difficulties in instrumenting and gathering feedback; and 4) the absence of a fault detection mechanism. To address these challenges, we have developed and implemented an innovative peripheral-independent hybrid fuzzing tool called FirmHybirdFuzzer. This tool enables testing of MCU firmware without reliance on specific peripheral hardware. First, a unified virtual peripheral was integrated to model the behaviors of various peripherals, thus enabling the physical devices-agnostic firmware execution. Then, a hybrid event generation approach was used to generate inputs for different peripheral accesses. Furthermore, two-level coverage feedback was collected to optimize the testcase generation. Finally, a plugin-based fault detection mechanism was implemented to identify typical memory corruption vulnerabilities. A large-scale experimental evaluation has been performed to show FirmHybirdFuzzer's effectiveness and efficiency.

Original languageEnglish (US)
Pages (from-to)20718-20734
Number of pages17
JournalIEEE Internet of Things Journal
Volume10
Issue number23
DOIs
StatePublished - Dec 1 2023

All Science Journal Classification (ASJC) codes

  • Signal Processing
  • Information Systems
  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications

Cite this