WebbWe implemented a prototype of SaTC and evaluated it on 39 embedded system firmwares from six popular vendors. SaTC discovered 33 unknown bugs, of which 30 are confirmed by CVE/CNVD/PSV. Compared to the state-of-the-art tool KARONTE, SaTC found significantly more bugs on the test set. Webb27 feb. 2024 · 日前，上海交通大学网络空间安全学院陈力波老师（第一作者）、蔡洤朴、薛质教授（通信作者）等师生及国内外知名科研机构研究人员联合撰写的学术论文 …

论文阅读 - 分类 - F0und

WebbSharing More and Checking Less: Leveraging Common Input Keywords to Detect Bugs in Embedded Systems @inproceedings{Chen2024SharingMA, title= ... in embedded firmware with static backtracking analysis and its efficacy is compared with the state-of-the-art method SaTC. Expand. Highly Influenced. View 6 excerpts, ... Webb27 jan. 2024 · Sharing More and Checking Less: satc 背景 嵌入式系统的漏洞驻留在其开放的web服务中现有的web漏洞检测,不适用于此类web服务(开销、假阴假阳)本文利用前后端共享的关键字定位参考点从嵌入式系统中寻找bug的关键点在于从前端web中寻找处理用户数据的后端代码, ... on to the ground

Sharing More and Checking Less: Leveraging Common Input …

Webbtrusted user input. We implemented a prototype of SaTC and evaluated it on 39 embedded system firmwares from six popu-lar vendors. SaTC discovered 33 unknown bugs, of which 30 are confirmed by CVE/CNVD/PSV. Compared to the state-of-the-art tool KARONTE, SaTC found significantly more bugs on the test set. It shows that, SaTC is effective in ... WebbIn this paper, we propose a novel static taint checking solution, SaTC, to effectively detect security vulnerabilities in web services provided by embedded devices. Our key insight is … Webb25 juni 2024 · Sharing More and Checking Less:Leveraging Common Input Keywords to Detect Bugs in Embedded Systems. 2024-06-25 13:39 论文阅读 725 阅读 0条回复 通过相同的输入关键字来定位固件系统中的漏洞 SaTC (Shared-keyword aware Taint Checking) 论文路线图： 0x20 提供了这项工作的动机和背景，并概述了我们的系统。 onto the ground