Rapid Response to Malicious Code Injection Threats in Industrial Control Systems Using WebGaze Tools

One day, the cybersecurity monitoring center of an oil and gas company received a series of alarm signals indicating abnormal behavior in some of its production control systems. After a thorough investigation, it was discovered that certain critical control nodes were receiving abnormal commands from the internal network, suspected to be an external attacker attempting …

Adaptive Fuzz Testing for ECUs: A Modular Testing Platform Approach to Enhance Vulnerability Detection

Abstract: This presentation introduces an adaptive fuzzing physical testing platform designed to identify vulnerabilities in automotive systems, with a particular focus on the Controller Area Network (CAN) bus. By employing “Automated Reverse Engineering Guided Fuzzing” (ARE-GF), our framework assesses the security resilience of CAN networks against complex attacks. The demonstration showcases a live …

IOTFUZZER: Discovering Memory Corruption in IoT Through Application-Based Fuzz Testing

1. Overview: The author proposes a novel automated black-box fuzz testing framework, IOTFUZZER, aimed at monitoring memory corruption vulnerabilities in IoT devices. Main advantages: no need to obtain firmware images of IoT devices; no reverse engineering required; no need to know the specifics of the protocol. Purpose of work: Only fuzz testing, used to guide subsequent …

Design of a Firmware Bluetooth Protocol Vulnerability Mining Framework Based on Virtualization

Abstract: In recent years, the application of Bluetooth devices has become increasingly widespread. If there are vulnerabilities in Bluetooth devices, it may lead to information leakage, economic losses, and other consequences. However, the firmware updates for Bluetooth devices are often delayed, and some cannot even perform hot updates. Currently, there is a relative lack of tools …