{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,20]],"date-time":"2025-11-20T13:18:13Z","timestamp":1763644693962,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":16,"publisher":"ACM","funder":[{"name":"Institute of Information & Communications Technology Planning & Evaluation(IITP) grant funded by the Korea government(MSIT)","award":["RS-2024-00437252"],"award-info":[{"award-number":["RS-2024-00437252"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,6,30]]},"DOI":"10.1145\/3734477.3734726","type":"proceedings-article","created":{"date-parts":[[2025,6,27]],"date-time":"2025-06-27T21:11:01Z","timestamp":1751058661000},"page":"242-247","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["<scp>FirmState:<\/scp>\n            Bringing Cellular Protocol States to Shannon Baseband Emulation"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0002-8777-2531","authenticated-orcid":false,"given":"Suhwan","family":"Jeong","sequence":"first","affiliation":[{"name":"ENKI WhiteHat, Seoul, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-0692-0899","authenticated-orcid":false,"given":"Beomseok","family":"Oh","sequence":"additional","affiliation":[{"name":"KAIST, Daejeon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-1121-733X","authenticated-orcid":false,"given":"Kwangmin","family":"Kim","sequence":"additional","affiliation":[{"name":"KAIST, Daejeon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8931-2833","authenticated-orcid":false,"given":"Insu","family":"Yun","sequence":"additional","affiliation":[{"name":"KAIST, Daejeon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4879-1262","authenticated-orcid":false,"given":"Yongdae","family":"Kim","sequence":"additional","affiliation":[{"name":"KAIST, Daejeon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-5102-2190","authenticated-orcid":false,"given":"CheolJun","family":"Park","sequence":"additional","affiliation":[{"name":"Kyung Hee University, Yongin, Republic of Korea"}]}],"member":"320","published-online":{"date-parts":[[2025,6,30]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"A walk with Shannon. OPCDE","author":"Cama Amat","year":"2018","unstructured":"Amat Cama. 2018. A walk with Shannon. OPCDE (2018)."},{"key":"e_1_3_2_1_2_1","volume-title":"AFL: Combining Incremental Steps of Fuzzing Research. In USENIX WOOT.","author":"Fioraldi Andrea","year":"2020","unstructured":"Andrea Fioraldi, Dominik Maier, Heiko Ei\u00dffeldt, and Marc Heuse. 2020. AFL: Combining Incremental Steps of Fuzzing Research. In USENIX WOOT."},{"key":"e_1_3_2_1_3_1","unstructured":"Matheus E Garbelini Zewen Shang Shijie Luo and Sudipta Chattopadhyay. 2023. 5GHOUL: Unleashing Chaos on 5G Edge Devices. Technical Report. SUTD."},{"key":"e_1_3_2_1_4_1","volume-title":"There's Life in the Old Dog Yet: Tearing New Holes into Intel\/iPhone Cellular Modems. Comsecuris","author":"Golde Nico","year":"2018","unstructured":"Nico Golde. 2018. There's Life in the Old Dog Yet: Tearing New Holes into Intel\/iPhone Cellular Modems. Comsecuris (2018)."},{"key":"e_1_3_2_1_5_1","volume-title":"Breaking Band: reverse engineering and exploiting the shannon baseband. REcon","author":"Golde Nico","year":"2016","unstructured":"Nico Golde and Daniel Komaromy. 2016. Breaking Band: reverse engineering and exploiting the shannon baseband. REcon (2016)."},{"key":"e_1_3_2_1_6_1","volume-title":"Exploring the MediaTek Baseband. OffensiveCon","author":"Grassi Marco","year":"2020","unstructured":"Marco Grassi and Xingyu Chen. 2020. Exploring the MediaTek Baseband. OffensiveCon (2020)."},{"key":"e_1_3_2_1_7_1","unstructured":"Grant Hernandez. 2021. ShannonBaseband: Samsung Shannon Baseband Research. GitHub repository. https:\/\/github.com\/grant-h\/ShannonBaseband"},{"key":"e_1_3_2_1_8_1","volume-title":"Emulating Samsung's Baseband for Security Testing. BlackHat USA","author":"Hernandez Grant","year":"2020","unstructured":"Grant Hernandez and Marius Muench. 2020. Emulating Samsung's Baseband for Security Testing. BlackHat USA (2020)."},{"key":"e_1_3_2_1_9_1","volume-title":"FIRMWIRE: Transparent dynamic analysis for cellular baseband firmware. In NDSS.","author":"Hernandez Grant","year":"2022","unstructured":"Grant Hernandez, Marius Muench, Dominik Maier, Alyssa Milburn, Shinjo Park, Tobias Scharnowski, Tyler Tucker, Patrick Traynor, and Kevin Butler. 2022. FIRMWIRE: Transparent dynamic analysis for cellular baseband firmware. In NDSS."},{"key":"e_1_3_2_1_10_1","volume-title":"Omar Chowdhury, and Elisa Bertino.","author":"Hussain Syed Rafiul","year":"2021","unstructured":"Syed Rafiul Hussain, Imtiaz Karim, Abdullah Al Ishtiaq, Omar Chowdhury, and Elisa Bertino. 2021. Noncompliance as deviant behavior: An automated black-box noncompliance checker for 4g lte cellular devices. In CCS."},{"key":"e_1_3_2_1_11_1","volume-title":"CheolJun Park, Dongkwan Kim, Yongdae Kim, and Insu Yun.","author":"Kim Eunsoo","year":"2023","unstructured":"Eunsoo Kim, Min Woo Baek, CheolJun Park, Dongkwan Kim, Yongdae Kim, and Insu Yun. 2023. BASECOMP: A Comparative Analysis for Integrity Protection in Cellular Baseband Software. In USENIX Security."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"crossref","unstructured":"Eunsoo Kim Dongkwan Kim CheolJun Park Insu Yun and Yongdae Kim. 2021. BaseSpec: Comparative Analysis of Baseband Software and Cellular Specifications for L3 Protocols.. In NDSS.","DOI":"10.14722\/ndss.2021.24365"},{"key":"e_1_3_2_1_13_1","volume-title":"Basebanheimer: Now I Am Become Death, The Destroyer Of Chains. OffensiveCon","author":"Komaromy Daniel","year":"2023","unstructured":"Daniel Komaromy. 2023. Basebanheimer: Now I Am Become Death, The Destroyer Of Chains. OffensiveCon (2023)."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","unstructured":"Dominik Maier Lukas Seidel and Shinjo Park. 2020. BaseSAFE: Baseband sanitized fuzzing through emulation. In ACM WiSec.","DOI":"10.1145\/3395351.3399360"},{"key":"e_1_3_2_1_15_1","unstructured":"C Park Sangwook Bae B Oh Jiho Lee Eunkyu Lee Insu Yun and Yongdae Kim. 2022. DoLTEst: In-depth Downlink Negative Testing Framework for LTE Devices. In USENIX Security."},{"key":"e_1_3_2_1_16_1","unstructured":"Natalie Silvanovich. 2023. How to Hack Shannon Baseband (from a Phone). OffensiveCon (2023)"}],"event":{"name":"WiSec 2025: 18th ACM Conference on Security and Privacy in Wireless and Mobile Networks","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control","SIGMOBILE ACM Special Interest Group on Mobility of Systems, Users, Data and Computing"],"location":"Arlington VA USA","acronym":"WiSec 2025"},"container-title":["18th ACM Conference on Security and Privacy in Wireless and Mobile Networks"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3734477.3734726","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T21:46:02Z","timestamp":1755899162000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3734477.3734726"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,30]]},"references-count":16,"alternative-id":["10.1145\/3734477.3734726","10.1145\/3734477"],"URL":"https:\/\/doi.org\/10.1145\/3734477.3734726","relation":{},"subject":[],"published":{"date-parts":[[2025,6,30]]},"assertion":[{"value":"2025-06-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}