{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,27]],"date-time":"2025-10-27T16:21:34Z","timestamp":1761582094047,"version":"3.41.2"},"reference-count":23,"publisher":"Wiley","issue":"1","license":[{"start":{"date-parts":[[2021,5,22]],"date-time":"2021-05-22T00:00:00Z","timestamp":1621641600000},"content-version":"vor","delay-in-days":141,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Henan Provincial Key Scientific Research Project for College and University","award":["21A510011","551","2017YFB0802902"],"award-info":[{"award-number":["21A510011","551","2017YFB0802902"]}]},{"name":"Development and Promotion Project","award":["21A510011","551","2017YFB0802902"],"award-info":[{"award-number":["21A510011","551","2017YFB0802902"]}]},{"name":"Henan Provincial Key Research, National Key Research, and Development Project","award":["21A510011","551","2017YFB0802902"],"award-info":[{"award-number":["21A510011","551","2017YFB0802902"]}]},{"name":"SAST Industry-University-Research Cooperation Foundation","award":["21A510011","551","2017YFB0802902"],"award-info":[{"award-number":["21A510011","551","2017YFB0802902"]}]}],"content-domain":{"domain":["onlinelibrary.wiley.com"],"crossmark-restriction":true},"short-container-title":["Wireless Communications and Mobile Computing"],"published-print":{"date-parts":[[2021,1]]},"abstract":"<jats:p>Coverage\u2010based greybox fuzzing has strong capabilities in discovering virtualization software vulnerabilities. Efficiency is one of the most important indicators while evaluating greybox fuzzing. However, the interference of virtual hardware state conditions on testcase evaluation severely impairs the efficiency of greybox fuzzing. 
In order to reduce the interference of virtual hardware state conditions and increase the efficiency of fuzzing, we propose a state\u2010based virtual hardware fuzzing framework, named SAVHF (State\u2010Aware Virtual Hardware Fuzzing). In this framework, a source\u2010to\u2010source instrumentation method based on the abstract syntax tree is proposed to detect the state condition of virtual hardware. Based on the source\u2010to\u2010source instrumentation, we afterwards propose a state\u2010based fuzzing strategy to adapt to the state conditions of virtual hardware. We realize the prototype system of SAVHF and use it to evaluate 17 popular virtual hardware of Qemu and find 16 bugs with 1 CVE (Common Vulnerabilities and Exposures) number assigned. Evaluation results demonstrate that the proposed SAVHF framework covers an average of more than 61% of virtual hardware code branches in the 18 hours testing and can improve the average code coverage by 11.04% compared with the path\u2010based fuzzing strategy.<\/jats:p>","DOI":"10.1155\/2021\/6698311","type":"journal-article","created":{"date-parts":[[2021,5,22]],"date-time":"2021-05-22T17:35:09Z","timestamp":1621704909000},"update-policy":"https:\/\/doi.org\/10.1002\/crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Framework for State\u2010Aware Virtual Hardware 
Fuzzing"],"prefix":"10.1155","volume":"2021","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5183-0416","authenticated-orcid":false,"given":"Hang","family":"Xu","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4648-3816","authenticated-orcid":false,"given":"Ganyu","family":"Qin","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6914-2424","authenticated-orcid":false,"given":"Junhu","family":"Zhu","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0080-0927","authenticated-orcid":false,"given":"Zimian","family":"Liu","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8845-8328","authenticated-orcid":false,"given":"Zhiqiang","family":"Liu","sequence":"additional","affiliation":[]}],"member":"311","published-online":{"date-parts":[[2021,5,22]]},"reference":[{"key":"e_1_2_10_1_2","doi-asserted-by":"crossref","unstructured":"GoelN. GuptaA. andSinghS. N. A study report on virtualization technique 2016 International Conference on Computing Communication and Automation (ICCCA) 2016 Greater Noida India 1250\u20131255.","DOI":"10.1109\/CCAA.2016.7813908"},{"key":"e_1_2_10_2_2","doi-asserted-by":"crossref","unstructured":"SahooJ. MohapatraS. andLathR. Virtualization: a survey on concepts taxonomy and associated security issues 2010 Second International Conference on Computer and Network Technology 2010 Bangkok Thailand 222\u2013226.","DOI":"10.1109\/ICCNT.2010.49"},{"key":"e_1_2_10_3_2","doi-asserted-by":"crossref","unstructured":"YouP. PengY. LiuW. andXueS. Security issues and solutions in cloud computing 2012 32nd International Conference on Distributed Computing Systems Workshops 2012 Macau China 573\u2013577.","DOI":"10.1109\/ICDCSW.2012.20"},{"key":"e_1_2_10_4_2","doi-asserted-by":"crossref","unstructured":"GkortzisA. RizouS. andSpinellisD. 
An empirical analysis of vulnerabilities in virtualization technologies 2016 IEEE International Conference on Cloud Computing Technology and Science (CloudCom) 2016 Luxembourg Luxembourg 533\u2013538.","DOI":"10.1109\/CloudCom.2016.0093"},{"key":"e_1_2_10_5_2","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2020.3003802"},{"key":"e_1_2_10_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2019.2946563"},{"key":"e_1_2_10_7_2","unstructured":"ZalewskiM. American fuzzy lop 2017 https:\/\/lcamtuf.coredump.cx\/afl\/."},{"key":"e_1_2_10_8_2","doi-asserted-by":"crossref","unstructured":"StephensN. GrosenJ. SallsC. DutcherA. WangR. CorbettaJ. ShoshitaishviliY. KruegelC. andVignaG. Driller: Augmenting fuzzing through selective symbolic execution NDSS 2016 16 no. 2016 1\u201316.","DOI":"10.14722\/ndss.2016.23368"},{"key":"e_1_2_10_9_2","doi-asserted-by":"crossref","unstructured":"BohmeM. PhamV.-T. NguyenM.-D. andRoychoudhuryA. Directed greybox fuzzing Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security 2017 Dallas TX USA 2329\u20132344.","DOI":"10.1145\/3133956.3134020"},{"key":"e_1_2_10_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2017.2785841"},{"key":"e_1_2_10_11_2","doi-asserted-by":"crossref","unstructured":"AschermannC. SchumiloS. AbbasiA. andHolzT. Ijon: Exploring deep state spaces via fuzzing IEEE Symposium on Security and Privacy (SP) 2020 San Francisco CA USA 1597\u20131612.","DOI":"10.1109\/SP40000.2020.00117"},{"key":"e_1_2_10_12_2","unstructured":"SchumiloS. AschermannC. GawlikR. SchinzelS. andHolzT. 
kafl: Hardware-assisted feedback fuzzing for {OS} kernels 26th {USENIX} Security Symposium ({USENIX} Security 17) 2017 167\u2013182."},{"key":"e_1_2_10_13_2","unstructured":"Google Syzkaller: an unsupervised coverage-guided linux system call fuzzer 2020 https:\/\/opensource.google.com\/projects\/syzkaller."},{"volume-title":"Fuzzil: Coverage guided fuzzing for javascript engines","year":"2018","author":"Gro\u00df S.","key":"e_1_2_10_14_2"},{"key":"e_1_2_10_15_2","unstructured":"TangJ.andLiM. When virtualization encounter afl Blackhat 2016."},{"key":"e_1_2_10_16_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66332-6_1"},{"volume-title":"Linux Device Drivers: Where the Kernel Meets the Hardware","year":"2005","author":"Corbet J.","key":"e_1_2_10_17_2"},{"volume-title":"Understanding the Linux Kernel: from I\/O ports to process management","year":"2005","author":"Bovet D. P.","key":"e_1_2_10_18_2"},{"key":"e_1_2_10_19_2","doi-asserted-by":"crossref","unstructured":"CongK. XieF. andLeiL. Symbolic execution of virtual devices 2013 13th International Conference on Quality Software 2013 Najing China 1\u201310.","DOI":"10.1109\/QSIC.2013.44"},{"key":"e_1_2_10_20_2","unstructured":"Realtek Single chip multifunction 10\/100mbps ethernet controller w\/power management rtl8139d(l) datasheet 2020 http:\/\/realtek.info\/pdf\/rtl8139d.pdf."},{"key":"e_1_2_10_21_2","unstructured":"CVE Details Qemu: Security vulnerabilities 2020 https:\/\/www.cvedetails.com\/vulnerability-list\/vendorid-7506\/productid12657\/Qemu-Qemu.html."},{"key":"e_1_2_10_22_2","unstructured":"WangJ. DuanY. SongW. YinH. andSongC. 
Be sensitive and collaborative: analyzing impact of coverage metrics in greybox fuzzing 22nd International Symposium on Research in Attacks Intrusions and Defenses ({RAID} 2019) 2019 1\u201315."},{"key":"e_1_2_10_23_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2851237"}],"container-title":["Wireless Communications and Mobile Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/wcmc\/2021\/6698311.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/wcmc\/2021\/6698311.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1155\/2021\/6698311","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,8,7]],"date-time":"2024-08-07T11:44:27Z","timestamp":1723031067000},"score":1,"resource":{"primary":{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/10.1155\/2021\/6698311"}},"subtitle":[],"editor":[{"given":"Keping","family":"Yu","sequence":"additional","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2021,1]]},"references-count":23,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2021,1]]}},"alternative-id":["10.1155\/2021\/6698311"],"URL":"https:\/\/doi.org\/10.1155\/2021\/6698311","archive":["Portico"],"relation":{},"ISSN":["1530-8669","1530-8677"],"issn-type":[{"type":"print","value":"1530-8669"},{"type":"electronic","value":"1530-8677"}],"subject":[],"published":{"date-parts":[[2021,1]]},"assertion":[{"value":"2020-12-22","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-03-31","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication 
History"}},{"value":"2021-05-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}],"article-number":"6698311"}}