{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,14]],"date-time":"2026-03-14T17:57:29Z","timestamp":1773511049855,"version":"3.50.1"},"publisher-location":"Cham","reference-count":22,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030781194","type":"print"},{"value":"9783030781200","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-78120-0_6","type":"book-chapter","created":{"date-parts":[[2021,6,17]],"date-time":"2021-06-17T05:02:49Z","timestamp":1623906169000},"page":"83-99","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Automatic Inference of Taint Sources to\u00a0Discover Vulnerabilities in SOHO Router\u00a0Firmware"],"prefix":"10.1007","author":[{"given":"Kai","family":"Cheng","sequence":"first","affiliation":[]},{"given":"Dongliang","family":"Fang","sequence":"additional","affiliation":[]},{"given":"Chuan","family":"Qin","sequence":"additional","affiliation":[]},{"given":"Huizhao","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Yaowen","family":"Zheng","sequence":"additional","affiliation":[]},{"given":"Nan","family":"Yu","sequence":"additional","affiliation":[]},{"given":"Limin","family":"Sun","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,6,15]]},"reference":[{"key":"6_CR1","unstructured":"Common vulnerabilities and exposures. https:\/\/cve.mitre.org\/"},{"key":"6_CR2","unstructured":"Exploit database of the website. https:\/\/www.exploit-db.com\/"},{"key":"6_CR3","unstructured":"Firmware analysis tool. https:\/\/github.com\/ReFirmLabs\/binwalk"},{"key":"6_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"250","DOI":"10.1007\/978-3-540-31985-6_19","volume-title":"Compiler Construction","author":"G Balakrishnan","year":"2005","unstructured":"Balakrishnan, G., Gruian, R., Reps, T., Teitelbaum, T.: CodeSurfer\/x86\u2014a platform for analyzing x86 executables. In: Bodik, R. (ed.) CC 2005. LNCS, vol. 3443, pp. 250\u2013254. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/978-3-540-31985-6_19"},{"key":"6_CR5","doi-asserted-by":"crossref","unstructured":"Chen, J., et al.: IoTFuzzer: discovering memory corruptions in IoT through app-based fuzzing. In: NDSS (2018)","DOI":"10.14722\/ndss.2018.23159"},{"key":"6_CR6","doi-asserted-by":"crossref","unstructured":"Cheng, K., et al.: DTaint: detecting the taint-style vulnerability in embedded device firmware. In: DSN (2018)","DOI":"10.1109\/DSN.2018.00052"},{"key":"6_CR7","unstructured":"Corteggiani, N., Camurati, G., Francillon, A.: Inception: system-wide security testing of real-world embedded systems software. In: USENIX Security (2018)"},{"key":"6_CR8","unstructured":"Davidson, D., Moench, B., Ristenpart, T., Jha, S.: $$\\{$$FIE$$\\}$$ on firmware: finding vulnerabilities in embedded systems using symbolic execution. In: USENIX Security (2013)"},{"key":"6_CR9","unstructured":"Eli Kreminchuker, M.Z.: Echobot malware now up to 71 exploits, targeting scada (2019). https:\/\/www.f5.com\/labs\/articles\/threat-intelligence\/echobot-malware-now-up-to-71-exploits-targeting-scada"},{"key":"6_CR10","doi-asserted-by":"crossref","unstructured":"Muench, M., Stijohann, J., Kargl, F., Francillon, A., Balzarotti, D.: What you corrupt is not what you crash: challenges in fuzzing embedded devices. In: NDSS (2018)","DOI":"10.14722\/ndss.2018.23166"},{"issue":"6","key":"6_CR11","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1145\/1273442.1250746","volume":"42","author":"N Nethercote","year":"2007","unstructured":"Nethercote, N., Seward, J.: Valgrind: a framework for heavyweight dynamic binary instrumentation. ACM Sigplan Not. 42(6), 89\u2013100 (2007)","journal-title":"ACM Sigplan Not."},{"key":"6_CR12","unstructured":"Rawat, S., Mounier, L., Potet, M.-L.: Static taint-analysis on binary executables (2011). http:\/\/web.cs.iastate.edu\/~weile\/cs513x\/5.TaintAnalysis2.pdf"},{"key":"6_CR13","doi-asserted-by":"crossref","unstructured":"Redini, N., et al.: Karonte: detecting insecure multi-binary interactions in embedded firmware. In: SP (2020)","DOI":"10.1109\/SP40000.2020.00036"},{"key":"6_CR14","doi-asserted-by":"crossref","unstructured":"Shoshitaishvili, Y., Wang, R., Hauser, C., Kruegel, C., Vigna, G.: Firmalice-automatic detection of authentication bypass vulnerabilities in binary firmware. In: NDSS (2015)","DOI":"10.14722\/ndss.2015.23294"},{"key":"6_CR15","doi-asserted-by":"crossref","unstructured":"Shoshitaishvili, Y., et al.: Sok:(state of) the art of war: offensive techniques in binary analysis. In: SP (2016)","DOI":"10.1109\/SP.2016.17"},{"key":"6_CR16","unstructured":"Statista: Internet of things (IoT) (2020). https:\/\/www.statista.com\/topics\/2637\/internet-of-things\/"},{"key":"6_CR17","unstructured":"TrendMicro: Smart yet flawed: IoT device vulnerabilities explained (2020). https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/internet-of-things\/smart-yet-flawed-iot-device-vulnerabilities-explained"},{"issue":"8","key":"6_CR18","doi-asserted-by":"publisher","first-page":"1989","DOI":"10.3837\/tiis.2013.08.014","volume":"7","author":"Z Wang","year":"2013","unstructured":"Wang, Z., Zhang, Y., Liu, Q.: Rpfuzzer: a framework for discovering router protocols vulnerabilities based on fuzzing. KSII TIIS 7(8), 1989\u20132009 (2013)","journal-title":"KSII TIIS"},{"key":"6_CR19","doi-asserted-by":"crossref","unstructured":"Yamaguchi, F., Maier, A., Gascon, H., Rieck, K.: Automatic inference of search patterns for taint-style vulnerabilities. In: SP (2015)","DOI":"10.1109\/SP.2015.54"},{"key":"6_CR20","doi-asserted-by":"crossref","unstructured":"Zhang, Y., et al.: SrFuzzer: an automatic fuzzing framework for physical soho router devices to discover multi-type vulnerabilities. In: ACSAC (2019)","DOI":"10.1145\/3359789.3359826"},{"key":"6_CR21","doi-asserted-by":"crossref","unstructured":"Zheng, Y., Song, Z., Sun, Y., Cheng, K., Zhu, H., Sun, L.: An efficient greybox fuzzing scheme for Linux-based IoT programs through binary static analysis. In: IPCCC (2019)","DOI":"10.1109\/IPCCC47392.2019.8958740"},{"key":"6_CR22","unstructured":"Zheng, Y., Davanian, A., Yin, H., Song, C., Zhu, H., Sun, L.: FIRM-AFL: high-throughput greybox fuzzing of IoT firmware via augmented process emulation. In: USENIX Security (2019)"}],"container-title":["IFIP Advances in Information and Communication Technology","ICT Systems Security and Privacy Protection"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-78120-0_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,16]],"date-time":"2025-06-16T22:02:14Z","timestamp":1750111334000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-78120-0_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030781194","9783030781200"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-78120-0_6","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"value":"1868-4238","type":"print"},{"value":"1868-422X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"15 June 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on ICT Systems Security and Privacy Protection","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Oslo","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Norway","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 June 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 June 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"36","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sec2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.ifipsec.org\/2021\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"112","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"25% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}