{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,10]],"date-time":"2025-09-10T22:02:00Z","timestamp":1757541720123,"version":"3.41.0"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319992761"},{"type":"electronic","value":"9783319992778"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-99277-8_17","type":"book-chapter","created":{"date-parts":[[2018,8,30]],"date-time":"2018-08-30T01:58:12Z","timestamp":1535594292000},"page":"313-329","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Automated Vulnerability Detection in Embedded Devices"],"prefix":"10.1007","author":[{"given":"Danjun","family":"Liu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yong","family":"Tang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Baosheng","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wei","family":"Xie","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bo","family":"Yu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,8,30]]},"reference":[{"doi-asserted-by":"crossref","unstructured":"G. Balakrishnan and T. Reps, WYSINWYX: What you see is not what you execute, ACM Transactions on Programming Languages and Systems, vol. 32(6), article no. 23, 2010.","key":"17_CR1","DOI":"10.1145\/1749608.1749612"},{"doi-asserted-by":"crossref","unstructured":"S. Bekrar, C. Bekrar, R. Groz and L. Mounier, A taint-based approach for smart fuzzing, Proceedings of the Fifth IEEE International Conference on Software Testing, Verification and Validation, pp. 818\u2013825, 2012.","key":"17_CR2","DOI":"10.1109\/ICST.2012.182"},{"unstructured":"C. Cadar, D. Dunbar and D. Engler, KLEE: Unassisted and automatic generation of high-coverage tests for complex system programs, Proceedings of the Eighth USENIX Conference on Operating Systems Design and Implementation, pp. 209\u2013224, 2008.","key":"17_CR3"},{"doi-asserted-by":"crossref","unstructured":"D. Caselden, A. Bazhanyuk, M. Payer, L. Szekeres, S. McCamant and D. Song, Transformation-Aware Exploit Generation using a HI-CFG, Technical Report No. UCB\/EECS-2013-85, Department of Electrical Engineering and Computer Sciences, University of California at Berkeley, Berkeley, California, 2013.","key":"17_CR4","DOI":"10.21236\/ADA587051"},{"doi-asserted-by":"crossref","unstructured":"S. Cha, T. Avgerinos, A. Rebert and D. Brumley, Unleashing Mayhem on binary code, Proceedings of the IEEE Symposium on Security and Privacy, pp. 380\u2013394, 2012.","key":"17_CR5","DOI":"10.1109\/SP.2012.31"},{"doi-asserted-by":"crossref","unstructured":"D. Chen, M. Egele, M. Woo and D. Brumley, Towards automated dynamic analysis for Linux-based embedded firmware, Proceedings of the Twenty-Third Annual Network and Distributed System Security Symposium, 2016.","key":"17_CR6","DOI":"10.14722\/ndss.2016.23415"},{"doi-asserted-by":"crossref","unstructured":"V. Chipounov, V. Kuznetsov and G. Candea, S2E: A platform for in-vivo multi-path analysis of software systems, ACM SIGPLAN Notices, vol. 46(3), pp. 265\u2013278, 2011.","key":"17_CR7","DOI":"10.1145\/1961296.1950396"},{"unstructured":"A. Costin, J. Zaddach, A. Francillon and D. Balzarotti, A large-scale analysis of the security of embedded firmware, Proceedings of the Twenty-Third USENIX Security Symposium, pp. 95\u2013110, 2014.","key":"17_CR8"},{"doi-asserted-by":"crossref","unstructured":"A. Costin, A. Zarras and A. Francillon, Automated dynamic firmware analysis at scale: A case study on embedded web interfaces, Proceedings of the Eleventh ACM Asia Conference on Computer and Communications Security, pp. 437\u2013448, 2016.","key":"17_CR9","DOI":"10.1145\/2897845.2897900"},{"unstructured":"A. Cui, M. Costello and S. Stolfo, When firmware modifications attack: A case study of embedded exploitation, Proceedings of the Twentieth Annual Network and Distributed System Security Symposium, 2013.","key":"17_CR10"},{"unstructured":"D. Davidson, B. Moench, S. Jha and T. Ristenpart, FIE on firmware: Finding vulnerabilities in embedded systems using symbolic execution, Proceedings of the Twenty-Second USENIX Security Symposium, pp. 463\u2013478, 2013.","key":"17_CR11"},{"unstructured":"T. Dullien and S. Porst, REIL: A platform-independent intermediate representation of disassembled code for static code analysis, Proceedings of the Ninth CanSecWest Applied Security Conference, 2009","key":"17_CR12"},{"doi-asserted-by":"crossref","unstructured":"A. Fournaris, L. Pocero Fraile and O. Koufopavlou, Exploiting hardware vulnerabilities to attack embedded system devices: A survey of potent microarchitectural attacks, Electronics, vol. 6(3), article no. 52, 2017.","key":"17_CR13","DOI":"10.3390\/electronics6030052"},{"doi-asserted-by":"crossref","unstructured":"P. Godefroid, N. Klarlund and K. Sen, DART: Directed automated random testing, Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 213\u2013223, 2005.","key":"17_CR14","DOI":"10.1145\/1064978.1065036"},{"unstructured":"B. Gourdin, C. Soman, H. Bojinov and E. Bursztein, Toward secure embedded web interfaces, Proceedings of the Twentieth USENIX Security Symposium, 2011.","key":"17_CR15"},{"unstructured":"M. Hachman, U.S. barely cracks list of countries with top Wi-Fi penetration, PC Magazine, April 5, 2012.","key":"17_CR16"},{"doi-asserted-by":"crossref","unstructured":"J. Kinder and H. Veith, Jakstab: A static analysis platform for binaries, Proceedings of the Twentieth International Conference on Computer Aided Verification, pp. 423\u2013427, 2008.","key":"17_CR17","DOI":"10.1007\/978-3-540-70545-1_40"},{"doi-asserted-by":"crossref","unstructured":"D. Papp, Z. Ma and L. Buttyan, Embedded systems security: Threats, vulnerabilities and attack taxonomy, Proceedings of the Thirteenth Annual Conference on Privacy, Security and Trust, pp. 145\u2013152, 2015.","key":"17_CR18","DOI":"10.1109\/PST.2015.7232966"},{"doi-asserted-by":"crossref","unstructured":"J. Pewny, B. Garmany, R. Gawlik, C. Rossow and T. Holz, Cross-architecture bug search in binary executables, Proceedings of the IEEE Symposium on Security and Privacy, pp. 709\u2013724, 2015.","key":"17_CR19","DOI":"10.1109\/SP.2015.49"},{"unstructured":"D. Ramos and D. Engler, Under-constrained symbolic execution: Correctness checking for real code, Proceedings of the Twenty-Fourth USENIX Security Symposium, pp. 49\u201364, 2015.","key":"17_CR20"},{"unstructured":"J. Salwan, Stack and heap overflow detection at runtime via behavior analysis and Pin (shell-storm.org\/blog\/Stack-and-heap-overflow-detection-at-runtime-via-behavior-analysis-and-PIN), October 14, 2010.","key":"17_CR21"},{"doi-asserted-by":"crossref","unstructured":"F. Schuster and T. Holz, Towards reducing the attack surface of software backdoors, Proceedings of the ACM Conference on Computer and Communications Security, pp. 851\u2013862, 2013.","key":"17_CR22","DOI":"10.1145\/2508859.2516716"},{"doi-asserted-by":"crossref","unstructured":"B. Schwarz, S. Debray and G. Andrews, Disassembly of executable code revisited, Proceedings of the Ninth Working Conference on Reverse Engineering, pp. 45\u201354, 2002.","key":"17_CR23","DOI":"10.1109\/WCRE.2002.1173063"},{"doi-asserted-by":"crossref","unstructured":"Y. Shoshitaishvili, R. Wang, C. Hauser, C. Kruegel and G. Vigna, Firmalice \u2013 Automatic detection of authentication bypass vulnerabilities in binary firmware, Proceedings of the Twenty-Second Annual Network and Distributed System Security Symposium, 2015.","key":"17_CR24","DOI":"10.14722\/ndss.2015.23294"},{"doi-asserted-by":"crossref","unstructured":"Y. Shoshitaishvili, R. Wang, C. Salls, N. Stephens, M. Polino, A. Dutcher, J. Grosen, S. Feng, C. Hauser, C. Kruegel and G. Vigna, SOK: (State of) The art of war: Offensive techniques in binary analysis, Proceedings of the IEEE Symposium on Security and Privacy, pp. 138\u2013157, 2016.","key":"17_CR25","DOI":"10.1109\/SP.2016.17"},{"doi-asserted-by":"crossref","unstructured":"N. Stephens, J. Grosen, C. Salls, A. Dutcher, R. Wang, J. Corbetta, Y. Shoshitaishvili, C. Kruegel and G. Vigna, Driller: Augmenting fuzzing through selective symbolic execution, Proceedings of the Twenty-Third Annual Network and Distributed System Security Symposium, 2016.","key":"17_CR26","DOI":"10.14722\/ndss.2016.23368"},{"doi-asserted-by":"crossref","unstructured":"C. Wysopal, C. Eng and T. Shields, Static detection of application backdoors, Datenschutz und Datensicherheit, vol. 34(3), pp. 149\u2013155, 2010.","key":"17_CR27","DOI":"10.1007\/s11623-010-0024-4"},{"unstructured":"L. Xu, F. Sun and Z. Su, Constructing Precise Control Flow Graphs from Binaries, Technical Report, Department of Computer Science, University of California, Davis, Davis, California, 2009.","key":"17_CR28"},{"doi-asserted-by":"crossref","unstructured":"J. Zaddach, L. Bruno, A. Francillon and D. Balzarotti, Avatar: A framework to support dynamic security analysis of embedded system firmware, Proceedings of the Twenty-First Annual Network and Distributed System Security Symposium, 2014.","key":"17_CR29","DOI":"10.14722\/ndss.2014.23229"},{"unstructured":"M. Zalewski, American Fuzzy Lop (lcamtuf.coredump.cx\/afl), 2017.","key":"17_CR30"}],"container-title":["IFIP Advances in Information and Communication Technology","Advances in Digital Forensics XIV"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-99277-8_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,6]],"date-time":"2025-07-06T17:39:08Z","timestamp":1751823548000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-99277-8_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319992761","9783319992778"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-99277-8_17","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"30 August 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DigitalForensics","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Digital Forensics","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"New Delhi","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 January 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 January 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"digitalforensics2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.ifip119.org\/Conferences\/WG11-9-CFP-2018.pdf","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}