Adaptive Fuzz Testing for ECUs: A Modular Testing Platform Approach to Enhance Vulnerability Detection

Abstract: This presentation introduces an adaptive fuzzing physical testing platform designed to identify vulnerabilities in automotive systems, with a particular focus on the Controller Area Network (CAN) bus. By employing “Automated Reverse Engineering Guided Fuzzing” (ARE-GF), our framework assesses the security resilience of CAN networks against complex attacks. The demonstration showcases a live …

Embedded Linux Firmware Simulation and Security Analysis with Firmadyne

Firmadyne is an open-source tool for automated security analysis of embedded Linux systems, developed by Daming D. Chen of Carnegie Mellon University. It supports batch detection, and the complete system covers firmware crawling, root filesystem extraction, QEMU simulation execution, and vulnerability discovery. The system can be downloaded from GitHub: https://github.com/firmadyne/firmadyne The framework is shown in the figure …