{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,6]],"date-time":"2025-05-06T04:01:50Z","timestamp":1746504110128,"version":"3.40.4"},"publisher-location":"Singapore","reference-count":24,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819647309","type":"print"},{"value":"9789819647316","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-981-96-4731-6_17","type":"book-chapter","created":{"date-parts":[[2025,5,5]],"date-time":"2025-05-05T07:03:25Z","timestamp":1746428605000},"page":"340-359","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["DBridger: Discovering Vulnerable Data Sharing Paths in\u00a0Embedded Firmware"],"prefix":"10.1007","author":[{"given":"Linyu","family":"Li","sequence":"first","affiliation":[]},{"given":"Lei","family":"Yu","sequence":"additional","affiliation":[]},{"given":"Qingli","family":"Guo","sequence":"additional","affiliation":[]},{"given":"Ruixuan","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Can","family":"Yang","sequence":"additional","affiliation":[]},{"given":"Jun","family":"Guan","sequence":"additional","affiliation":[]},{"given":"Xiaorui","family":"Gong","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,5,3]]},"reference":[{"key":"17_CR1","unstructured":"Andersen, E., et al.: uClibc - A small C library for embedded systems (1999). https:\/\/www.uclibc.org\/. Accessed 27 Apr 2023"},{"key":"17_CR2","unstructured":"ARMIS. What is URGENT\/11 vulnerability? $$|$$ Armis Research (2019). https:\/\/www.armis.com\/research\/urgent11\/"},{"key":"17_CR3","unstructured":"Chen, J., et al.: IoTFuzzer: discovering memory corruptions in IoT through app-based fuzzing. In: 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, 18\u201321 February 2018. The Internet Society (2018). http:\/\/wp.internetsociety.org\/ndss\/wp-content\/uploads\/sites\/25\/2018\/02\/ndss2018_01A-1_Chen_paper.pdf"},{"key":"17_CR4","unstructured":"Chen, L., et al.: Sharing more and checking less: leveraging common input keywords to detect bugs in embedded systems. In: 30th USENIX Security Symposium (USENIX Security 2021), pp. 303\u2013319. USENIX Association (2021). ISBN: 978-1-939133-24-3. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/chen-libo"},{"issue":"1","key":"17_CR5","doi-asserted-by":"publisher","first-page":"284","DOI":"10.1109\/TR.2014.2363153","volume":"64","author":"T Chen","year":"2015","unstructured":"Chen, T., et al.: Test generation for embedded executables via concolic execution in a real environment. IEEE Trans. Reliab. 64(1), 284\u2013296 (2015). https:\/\/doi.org\/10.1109\/TR.2014.2363153","journal-title":"IEEE Trans. Reliab."},{"key":"17_CR6","doi-asserted-by":"publisher","unstructured":"Cheng, K., et al.: Automatic Inference of Taint Sources to Discover Vulnerabilities in SOHO Router Firmware, pp. 83\u201399 (2021). https:\/\/doi.org\/10.1007\/978-3-030-78120-0_6. https:\/\/inria.hal.science\/hal-03746053","DOI":"10.1007\/978-3-030-78120-0_6"},{"key":"17_CR7","doi-asserted-by":"publisher","unstructured":"Cheng, K., et al.: Detecting Vulnerabilities in Linux-Based Embedded Firmware with SSE-Based On-Demand Alias Analysis, pp. 360\u2013372. Association for Computing Machinery, Inc. (2023). ISBN: 9798400702211. https:\/\/doi.org\/10.1145\/3597926.3598062","DOI":"10.1145\/3597926.3598062"},{"key":"17_CR8","unstructured":"MITRE Corporation. CWE-787: Out-of-bounds Write (2021). https:\/\/cwe.mitre.org\/data\/definitions\/787.html. Accessed 6 Apr 2023"},{"key":"17_CR9","unstructured":"The MITRE Corporation. CWE-77: Improper Neutralization of Special Elements used in an OS Command (\u2018OS Command Injection\u2019) (2021). https:\/\/cwe.mitre.org\/data\/definitions\/77.html. Accessed 6 Apr 2023"},{"key":"17_CR10","unstructured":"DSN \u201913: Proceedings of the 2013 43rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE Computer Society, USA (2013). ISBN: 9781467364713"},{"key":"17_CR11","unstructured":"FLARE. The FLARE team\u2019s open-source extension to add Python 3 scripting to Ghidra. https:\/\/github.com\/mandiant\/Ghidrathon. Accessed 2024"},{"key":"17_CR12","unstructured":"Free Software Foundation. The GNU C Library Reference Manual (2021). https:\/\/www.gnu.org\/software\/libc\/manual\/"},{"key":"17_CR13","doi-asserted-by":"publisher","unstructured":"Gao, Z., et al.: Faster and better\u2019: detecting vulnerabilities in Linux based IoT firmware with optimized reaching definition analysis. Internet Society (2024). ISBN: 1-891562-93-2. https:\/\/doi.org\/10.14722\/ndss.2024.24346. https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/2024-346-paper.pdf","DOI":"10.14722\/ndss.2024.24346"},{"key":"17_CR14","unstructured":"Ghidra. Ghidra API Documentation: PcodeOp. https:\/\/ghidra.re\/ghidra_docs\/api\/ghidra\/program\/model\/pcode\/PcodeOp.html. Accessed 2023"},{"key":"17_CR15","doi-asserted-by":"publisher","unstructured":"Giao, J., et al.: A framework for service-oriented architecture (SOA)- based IoT application development. Processes 10(9) (2022). ISSN: 2227-9717. https:\/\/doi.org\/10.3390\/pr10091782. https:\/\/www.mdpi.com\/2227-9717\/10\/9\/1782","DOI":"10.3390\/pr10091782"},{"key":"17_CR16","doi-asserted-by":"publisher","unstructured":"He, X., et al.: Exploiting the Trust between Boundaries: Discovering Memory Corruptions in Printers via Driver-Assisted Testing, pp. 74\u201384. Association for Computing Machinery (2020). ISBN: 9781450370943. https:\/\/doi.org\/10.1145\/3372799.3394363","DOI":"10.1145\/3372799.3394363"},{"key":"17_CR17","unstructured":"KeenSecurityLab. BinAbsInspector: Vulnerability Scanner for Binaries. https:\/\/github.com\/KeenSecurityLab\/BinAbsInspector. Accessed 2023"},{"key":"17_CR18","unstructured":"ReFirm Labs. Binwalk (2021). https:\/\/github.com\/ReFirmLabs\/binwalk. Accessed 28 Sept 2021"},{"issue":"5","key":"17_CR19","doi-asserted-by":"publisher","first-page":"3617","DOI":"10.1109\/TDSC.2022.3216020","volume":"20","author":"D Lu","year":"2023","unstructured":"Lu, D., et al.: Smaug: a TEE-assisted secured SQLite for embedded systems. IEEE Trans. Dependable Secure Comput. 20(5), 3617\u20133635 (2023). https:\/\/doi.org\/10.1109\/TDSC.2022.3216020","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"17_CR20","doi-asserted-by":"publisher","unstructured":"Muench, M., et al.: What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices (2018). https:\/\/doi.org\/10.14722\/ndss.2018.23166","DOI":"10.14722\/ndss.2018.23166"},{"key":"17_CR21","unstructured":"National Security Agency. Ghidra. https:\/\/github.com\/NationalSecurityAgency\/ghidra. Accessed 6 Apr 2023"},{"key":"17_CR22","doi-asserted-by":"publisher","unstructured":"Redini, N., et al.: Karonte: detecting insecure multi-binary interactions in embedded firmware. In: 2020 IEEE Symposium on Security and Privacy (SP), pp. 1544\u20131561 (2020). https:\/\/doi.org\/10.1109\/SP40000.2020.00036","DOI":"10.1109\/SP40000.2020.00036"},{"key":"17_CR23","unstructured":"Stallings, W.: Operating Systems: Internals and Design Principles, 7th edn. Prentice Hall Press, USA (2011). ISBN: 013230998X"},{"key":"17_CR24","unstructured":"Chemistry World. Hexion, Momentive and Norsk Hydro all hit by ransomware cyber attacks. Chemistry World (2019). https:\/\/www.chemistryworld.com\/news\/hexion-momentive-and-norsk-hydro-all-hit-by-ransomware-cyber-attacks\/3010328.article"}],"container-title":["Lecture Notes in Computer Science","Information Security and Cryptology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-96-4731-6_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,5]],"date-time":"2025-05-05T07:03:35Z","timestamp":1746428615000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-96-4731-6_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9789819647309","9789819647316"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-981-96-4731-6_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"3 May 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"Inscrypt","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security and Cryptology","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Kunming","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 December 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 December 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cisc22024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/inscrypt2024.github.io\/#","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}