FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4385080425> ?p ?o ?g. }

• W4385080425 abstract "Security and privacy-sensitive smartphone applications use trusted execution environments (TEEs) to protect sensitive operations from malicious code. By design, TEEs have privileged access to the entire system but expose little to no insight into their inner workings. Moreover, real-world TEEs enforce strict format and protocol interactions when communicating with trusted applications (TAs), which prohibits effective automated testing.TEEzz is the first TEE-aware fuzzing framework capable of effectively fuzzing TAs in situ on production smartphones, i.e., the TA runs in the encrypted and protected TEE and the fuzzer may only observe interactions with the TA but has no control over the TA’s code or data. Unlike traditional fuzzing techniques, which monitor the execution of a program being fuzzed and view its memory after a crash, TEEzz only requires a limited view of the target. TEEzz overcomes key limitations of TEE fuzzing (e.g., lack of visibility into the executed TAs, proprietary exchange formats, and value dependencies of interactions) by automatically attempting to infer the field types and message dependencies of the TA API through its interactions, designing state- and type-aware fuzzing mutators, and creating an in situ, on-device fuzzer.Due to the limited availability of systematic fuzzing research for TAs on commercial-off-the-shelf (COTS) Android devices, we extensively examine existing solutions, explore their limitations, and demonstrate how TEEzz improves the state-of-the-art. First, we show that general-purpose kernel driver fuzzers are ineffective for fuzzing TAs. Then, we establish a baseline for fuzzing TAs using a ground-truth experiment. We show that TEEzz outperforms other blackbox fuzzers, can improve greybox approaches (if TAs source code is available), and even outperforms greybox approaches for stateful targets. We found 13 previously unknown bugs in the latest versions of OPTEE TAs in total, out of which TEEzz is the only fuzzer to trigger three. We also ran TEEzz on popular phones and found 40 unique bugs for which one CVE was assigned so far." @default.
• W4385080425 created "2023-07-23" @default.
• W4385080425 creator A5022177364 @default.
• W4385080425 creator A5042334814 @default.
• W4385080425 creator A5065116578 @default.
• W4385080425 creator A5071486684 @default.
• W4385080425 creator A5075685499 @default.
• W4385080425 creator A5091847839 @default.
• W4385080425 date "2023-05-01" @default.
• W4385080425 modified "2023-09-24" @default.
• W4385080425 title "TEEzz: Fuzzing Trusted Applications on COTS Android Devices" @default.
• W4385080425 cites W1546956568 @default.
• W4385080425 cites W2020936921 @default.
• W4385080425 cites W2036894992 @default.
• W4385080425 cites W2065948900 @default.
• W4385080425 cites W2115675703 @default.
• W4385080425 cites W2118961967 @default.
• W4385080425 cites W2128985333 @default.
• W4385080425 cites W2215262239 @default.
• W4385080425 cites W2302344383 @default.
• W4385080425 cites W2491928626 @default.
• W4385080425 cites W2535617737 @default.
• W4385080425 cites W2538991976 @default.
• W4385080425 cites W2542538106 @default.
• W4385080425 cites W2569698171 @default.
• W4385080425 cites W2574017551 @default.
• W4385080425 cites W2612380866 @default.
• W4385080425 cites W2613534458 @default.
• W4385080425 cites W2741068848 @default.
• W4385080425 cites W2754096695 @default.
• W4385080425 cites W2765435026 @default.
• W4385080425 cites W2766540688 @default.
• W4385080425 cites W2766647240 @default.
• W4385080425 cites W2766711930 @default.
• W4385080425 cites W2795192879 @default.
• W4385080425 cites W2890190663 @default.
• W4385080425 cites W2959219726 @default.
• W4385080425 cites W2963298680 @default.
• W4385080425 cites W2964097210 @default.
• W4385080425 cites W2982720310 @default.
• W4385080425 cites W3007127028 @default.
• W4385080425 cites W3016246341 @default.
• W4385080425 cites W3097562018 @default.
• W4385080425 cites W3104862556 @default.
• W4385080425 cites W3140949594 @default.
• W4385080425 cites W4225163209 @default.
• W4385080425 cites W4240738830 @default.
• W4385080425 doi "https://doi.org/10.1109/sp46215.2023.10179302" @default.
• W4385080425 hasPublicationYear "2023" @default.
• W4385080425 type Work @default.
• W4385080425 citedByCount "0" @default.
• W4385080425 crossrefType "proceedings-article" @default.
• W4385080425 hasAuthorship W4385080425A5022177364 @default.
• W4385080425 hasAuthorship W4385080425A5042334814 @default.
• W4385080425 hasAuthorship W4385080425A5065116578 @default.
• W4385080425 hasAuthorship W4385080425A5071486684 @default.
• W4385080425 hasAuthorship W4385080425A5075685499 @default.
• W4385080425 hasAuthorship W4385080425A5091847839 @default.
• W4385080425 hasConcept C1009929 @default.
• W4385080425 hasConcept C111065885 @default.
• W4385080425 hasConcept C111919701 @default.
• W4385080425 hasConcept C148730421 @default.
• W4385080425 hasConcept C2777904410 @default.
• W4385080425 hasConcept C38652104 @default.
• W4385080425 hasConcept C41008148 @default.
• W4385080425 hasConcept C557433098 @default.
• W4385080425 hasConceptScore W4385080425C1009929 @default.
• W4385080425 hasConceptScore W4385080425C111065885 @default.
• W4385080425 hasConceptScore W4385080425C111919701 @default.
• W4385080425 hasConceptScore W4385080425C148730421 @default.
• W4385080425 hasConceptScore W4385080425C2777904410 @default.
• W4385080425 hasConceptScore W4385080425C38652104 @default.
• W4385080425 hasConceptScore W4385080425C41008148 @default.
• W4385080425 hasConceptScore W4385080425C557433098 @default.
• W4385080425 hasFunder F4320334678 @default.
• W4385080425 hasLocation W43850804251 @default.
• W4385080425 hasOpenAccess W4385080425 @default.
• W4385080425 hasPrimaryLocation W43850804251 @default.
• W4385080425 hasRelatedWork W157156687 @default.
• W4385080425 hasRelatedWork W2085426174 @default.
• W4385080425 hasRelatedWork W2294149468 @default.
• W4385080425 hasRelatedWork W2977575189 @default.
• W4385080425 hasRelatedWork W3009870990 @default.
• W4385080425 hasRelatedWork W3021250941 @default.
• W4385080425 hasRelatedWork W3162846400 @default.
• W4385080425 hasRelatedWork W3202347561 @default.
• W4385080425 hasRelatedWork W3206846523 @default.
• W4385080425 hasRelatedWork W4225009177 @default.
• W4385080425 isParatext "false" @default.
• W4385080425 isRetracted "false" @default.
• W4385080425 workType "article" @default.