Refinement of MMIO Models for Improving the Coverage of Firmware Fuzzing | allinfosecnews.com

March 12, 2024, 4:10 a.m. | Wei-Lun Huang, Kang G. Shin

cs.CR updates on arXiv.org arxiv.org

arXiv:2403.06281v1 Announce Type: new
Abstract: Embedded systems (ESes) are now ubiquitous, collecting sensitive user data and helping the users make safety-critical decisions. Their vulnerability may thus pose a grave threat to the security and privacy of billions of ES users. Grey-box fuzzing is widely used for testing ES firmware. It usually runs the firmware in a fully emulated environment for efficient testing. In such a setting, the fuzzer cannot access peripheral hardware and hence must model the firmware's interactions with …

arxiv box collecting critical cs.cr data embedded embedded systems firmware fuzzing helping may privacy safety safety-critical security sensitive systems testing threat user data vulnerability

More from arxiv.org / cs.CR updates on arXiv.org

Decentralised, Collaborative, and Privacy-preserving Machine Learning for Multi-Hospital Data 15 hours ago | arxiv.org

accuracy analysis arxiv cs.cr +17

Pruning for Protection: Increasing Jailbreak Resistance in Aligned LLMs Without Fine-Tuning 15 hours ago | arxiv.org

arxiv attacks can cs.ai +13

Relay Mining: Incentivizing Full Non-Validating Nodes Servicing All RPC Types 15 hours ago | arxiv.org

arxiv client crypto cryptographic +19

Laccolith: Hypervisor-Based Adversary Emulation with Anti-Detection 15 hours ago | arxiv.org

advanced advanced persistent threats adversary adversary emulation +18

Commercial Anti-Smishing Tools and Their Comparative Effectiveness Against Modern Threats 15 hours ago | arxiv.org

arxiv attacker attacks commercial +19

PriSampler: Mitigating Property Inference of Diffusion Models 15 hours ago | arxiv.org

arxiv attacks banking cs.cr +12

PrescientFuzz: A more effective exploration approach for grey-box fuzzing 15 hours ago | arxiv.org

arxiv box campaigns control +13

Evaluating and Mitigating Linguistic Discrimination in Large Language Models 15 hours ago | arxiv.org

arxiv can capabilities cs.ai +16

Towards Classical Software Verification using Quantum Computers 15 hours ago | arxiv.org

aid arxiv computer computers +15

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineer - Vulnerability Management

@ Starling Bank | Southampton, England, United Kingdom

View on infosec-jobs.com

Manager Cybersecurity

@ Sia Partners | Rotterdam, Netherlands

View on infosec-jobs.com

Compliance Analyst

@ SiteMinder | Manila

View on infosec-jobs.com

Information System Security Engineer (ISSE)-Level 3, OS&CI Job #447

@ Allen Integrated Solutions | Chantilly, Virginia, United States

View on infosec-jobs.com

Enterprise Cyber Security Analyst – Advisory and Consulting

@ Ford Motor Company | Mexico City, MEX, Mexico

View on infosec-jobs.com