
Open Access

ARTICLE

Sensitive Target-Guided Directed Fuzzing for IoT Web Services

Xiongwei Cui, Yunchao Wang, Qiang Wei*
School of Cyberspace Security, Information Engineering University, Zhengzhou, 450007, China
* Corresponding Author: Qiang Wei.
(This article belongs to the Special Issue: Security and Privacy in IoT and Smart City: Current Challenges and Future Directions)

Computers, Materials & Continua https://doi.org/10.32604/cmc.2025.063592

Received 18 January 2025; Accepted 27 February 2025; Published online 31 March 2025

Abstract

The development of the Internet of Things (IoT) has brought convenience to people’s lives, but it also introduces significant security risks. Due to the limitations of IoT devices themselves and the challenges of re-hosting technology, existing fuzzing for IoT devices is mainly conducted through black-box methods, which lack effective execution feedback and therefore test blindly. Meanwhile, existing static methods mainly rely on taint analysis, which has high overhead and a high false-alarm rate. We propose a new directed fuzz testing method for detecting bugs in the web service programs of IoT devices, which can test IoT devices more quickly and efficiently. Specifically, we identify external input entry points using multiple features. Then, based on sensitive data flow analysis of decompiled code, we quickly find the sensitive targets and paths affected by external input sources and treat them as testing objects. Finally, we perform directed fuzzing: we use debugging interfaces to collect execution feedback and guide the program to reach sensitive targets based on program pruning techniques. We have implemented a prototype system, AntDFuzz, and evaluated it on firmware from ten devices across five well-known manufacturers. We discovered twelve potential vulnerabilities, seven of which were confirmed and assigned bug IDs by the China National Vulnerability Database (CNVD). The results show that our approach can find unknown bugs in real devices and is more efficient than existing tools.

Keywords

IoT; directed fuzzing; sensitive targets; vulnerabilities