|
Today, the rapid adoption of IoT devices has brought security risks while facilitating people's lives. Latest research focuses on information acquisition and state establishment, however exists the defects of relys on vendors and lacks universality; focuses on communication formats rather than device information; difficult to accurately guide fuzzing into specific states then in a stable state. To address the above issues, we propose an interactive leading fuzzing scheme, named GPALzz. It uses active automata learning to break free from vendor dependence, establishes device service state guidance fuzzy testing, and utilies interaction capabilities to establish an equivalent automaton that describes device service state information. Furthermore, we selected 9 devices to verify our scheme and discovered 24 crashes in 7 devices. |
|
Keywords:Basic disciplines of Computer Science and Technology; Fuzzing; basic network communication layer; automata learning |
|