Fuzzing
- DARWIN: Survival of the Fittest Fuzzing Mutators. Uses an evolution strategy to optimize fuzzing scheduling (NDSS 23)
- No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions. OS kernel fuzzing (NDSS 23)
- AIFORE: Smart Fuzzing Based on Automatic Input Format Reverse Engineering (USENIX 23)
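- autofz: Automated Fuzzer Composition at Runtime. A system that automatically selects which fuzzer to use (USENIX 23)
- SmartSeed: Smart Seed Generation for Efficient Fuzzing (generates seeds using machine learning)
- Forming Faster Firmware Fuzzers. Dynamic rewriting of firmware binaries to address emulation when fuzzing (USENIX 23)
Protocol fuzzing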
- Bleem: Packet Sequence Oriented Fuzzing for Protocol Implementations (USENIX 23)
- Large Language Model guided Protocol Fuzzing
Protocol state machines
- Automata-Based Automated Detection of State Machine Bugs in Protocol Implementations (NDSS 23)
- DSFuzz: Detecting Deep State Bugs with Dependent State Exploration. Not yet released (CCS 23)
Protocol reverse engineering
- BinaryInferno: A Semantic-Driven Approach to Field Inference for Binary Message Formats (NDSS 23)
- Lifting Network Protocol Implementation to Precise Format Specification with Security Applications. Static analysis of protocol fields (CCS 23)
- NetPlier: Probabilistic network protocol reverse engineering from message traces (NDSS 21)
Firmware analysis
- Drone Security and the Mysterious Case of DJI's DroneID. DJI firmware analysis, protocol reverse engineering (NDSS 23)
- Egg Hunt in Tesla Infotainment: A First Look at Reverse Engineering of Qt Binaries. Reverse engineering and analysis of Tesla binary firmware (USENIX 23)
Attacks on connected vehicles
- Brokenwire: Wireless Disruption of CCS Electric Vehicle Charging. Radio-communication attack on the charging system (NDSS 23)
- Access Your Tesla without Your Awareness: Compromising Keyless Entry System of Model 3. Tesla Model 3 keyless entry attack (NDSS 23)
- TPatch: A Triggered Physical Adversarial Patch. Acoustic adversarial spoofing attack (USENIX 23)
- You Can't See Me: Physical Removal Attacks on LiDAR-based Autonomous Vehicles Driving Frameworks. LiDAR spoofing attack (USENIX 23)
Traffic analysis
- Detecting Unknown Encrypted Malicious Traffic in Real Time via Flow Interaction Graph Analysis (NDSS 23)
- BARS: Local Robustness Certification for Deep Learning based Traffic Analysis Systems (NDSS 23)
- EdgeTDC: On the Security of Time Difference of Arrival Measurements in CAN Bus Systems (NDSS 23)
Bluetooth
- Extrapolating Formal Analysis to Uncover Attacks in Bluetooth Passkey Entry Pairing (NDSS 23)