Presentation
DroidFuzz: Proprietary Driver Fuzzing for Embedded Android Devices
Description
Embedded Android devices have proliferated in many security-critical embedded scenarios and require sufficient testing to root out vulnerabilities. Because Android's architecture uses a Hardware Abstraction Layer (HAL) for vendor-specific driver implementations, traditional kernel testing techniques cannot detect bugs within the actual driver logic, which is commonly proprietary and vendor-specific. In this paper, we propose DroidFuzz, an embedded Android system fuzzer that targets such vendor-specific driver implementations to find these bugs. By leveraging pre-testing HAL driver probing, kernel-user relational payload generation, and cross-boundary execution state feedback, we effectively test the proprietary drivers in both the kernel and the HAL layer. We implemented DroidFuzz and evaluated its effectiveness on 7 embedded Android devices, finding 12 security-critical, previously unknown bugs, all of which have been confirmed by the respective vendors.
Event Type
Research Manuscript
Time
Tuesday, June 24, 4:30pm - 4:45pm PDT
Location
3008, Level 3
Systems
SYS3: Embedded Software