Recent security papers on firmware analysis
This repository collects recent papers related to firmware analysis (e.g., IoT and embedded devices, desktop binaries) published in academic security conferences (NDSS, CCS, USENIX Security, IEEE S&P, etc.). The list of papers is organized in chronological order.
LightBLue: Automatic Profile-Aware Debloating of Bluetooth Stacks (USENIX Security)
Sharing More and Checking Less: Leveraging Common Input Keywords to Detect Bugs in Embedded Systems(USENIX Security)
PASAn: Detecting Peripheral Access Concurrency Bugs within Bare-Metal Embedded Applications (USENIX Security)
Jetset: Targeted Firmware Rehosting for Embedded Systems (USENIX Security)
Automatic Firmware Emulation through Invalidity-guided Knowledge Inference (USENIX Security)
SoK: Enabling Security Analyses of Embedded Systems via Rehosting (Asia CCS)
HERA: Hotpatching of Embedded Real-time Applications (NDSS )
BASESPEC: Comparative Analysis of Baseband Software and Cellular Specifications for L3 Protocols (NDSS)
DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis (IEEE S&P)
FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis (ACSAC)
FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities from Bare-Metal Firmware (CCS)
Frankenstein: Advanced Wireless Fuzzing to Exploit New Bluetooth Escalation Targets (USENIX Security)
HALucinator: Firmware Re-hostingThrough Abstraction Layer Emulation (USENIX Security)
FirmScope: Automatic Uncovering of Privilege-Escalation Vulnerabilities in Android Firmware (USENIX Security)
P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling (USENIX Security)
KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmware (IEEE S&P)
PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary (NDSS)
FIRM-AFL: high-throughput greybox fuzzing of iot firmware via augmented process emulation (USENIX Security)
Toward the Analysis of Embedded Firmware through Automated Re-hosting (RAID)
ProXray: Protocol Model Learning and Guided Firmware Analysis (IEEE Transactions on Software Engineering)
IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing (NDSS)
AVATAR: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmwares (NDSS 2014)
Firmalice-automatic detection of authentication bypass vulnerabilities in binary firmware (NDSS 2017)
Firmusb: Vetting USB device firmware using domain informed symbolic execution (CCS 2017)
Towards Automated Dynamic Analysis for Linux-based Embedded Firmware (NDSS 2017)
FIE on Firmware:Finding Vulnerabilities in Embedded Systems using Symbolic Execution (USENIX Security 2013)
A large-scale analysis of the security of embedded firmwares (USENIX Security 2014)