DiAne is a smart fuzzer for IoT devices

Diane

Diane is a fuzzer for IoT devices. Diane works by identifying fuzzing triggers in the IoT companion apps to produce valid yet under-constrained inputs. Our key observation is that there exist functions inside the companion apps that are executed before any data-transforming functions (e.g., network serialization), but after the input validation code.

Repository structure

Code and data will be released soon!

Research paper

We present our approach and the findings of this work in the following research paper:

DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices [PDF]
Nilo Redini, Andrea Continella, Dipanjan Das, Giulio De Pasquale, Noah Spahn, Aravind Machiry, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the IEEE Symposium on Security & Privacy (S&P), May 2021

If you use Diane in a scientific publication, we would appreciate citations using this Bibtex entry:

@inproceedings{redini_diane_21,
 author = {Nilo Redini and Andrea Continella and Dipanjan Das and Giulio De Pasquale and Noah Spahn and Aravind Machiry and Antonio Bianchi and Christopher Kruegel and Giovanni Vigna},
 booktitle = {In Proceedings of the IEEE Symposium on Security \& Privacy (S\&P)},
 month = {May},
 title = {{DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices}},
 year = {2021}
}
Comments
  • lifter does not include LibraryClass, but used in node_filter.py

    Hello, when I was running this project and parsing the invoke statement of each SootMethod in node_filter.py, I encountered a class in the library (java.lang.Object) that was not among the classes included in lifter, so it reported a KeyError:

    发生异常: KeyError
    ('java.lang.Object',)
      File "/mnt/d/diane/diane/src/node_filter/node_filter.py", line 52, in get_hierarchy
        clx = self.lifter.classes[cls]
      File "/mnt/d/diane/diane/src/node_filter/node_filter.py", line 63, in dispatch_invoke
        h = self.get_hierarchy(bcls)
      File "/mnt/d/diane/diane/src/node_filter/node_filter.py", line 97, in get_methods
        clx, method = self.dispatch_invoke(callee_cls, callee_mname, callee_params)
      File "/mnt/d/diane/diane/src/node_filter/node_filter.py", line 119, in _get_nodes_core
        methods = [self.get_methods(clx, method, s) for s in st_invoked]
      File "/mnt/d/diane/diane/src/node_filter/node_filter.py", line 137, in start
        self._get_nodes_core()
      File "/mnt/d/diane/diane/src/node_filter/node_filter.py", line 36, in __init__
        self.start(reload=reload)
      File "/mnt/d/diane/diane/run.py", line 76, in __init__
        self.nf = NodeFilter(self.config, lifter=self.lifter)
      File "/mnt/d/diane/diane/src/frida_hooker/frida_hooker.py", line 71, in g
        return f(*args, **kwargs)
      File "/mnt/d/diane/diane/run.py", line 217, in <module>
        IoTFuzzer(config).run(phase)
    

    That is because, when initializing lifter, it only gets ApplicationClass, not including LibraryClass. Could you help me with this problem?

    opened by 5erua 1
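
The failure mode in the report above, reproduced with a constructed stand-in for the lifter. This is an added example, not code from DiAne or from the lifter it uses; `FakeClass`, `FakeLifter`, both functions and the `com.example.app` class names are hypothetical. A hierarchy walk that indexes the class map directly raises `KeyError` at `java.lang.Object`, while one that treats an unloaded class as a library boundary returns the application part of the chain.

```python
# Added illustration: FakeClass and FakeLifter are constructed stand-ins,
# not the lifter the project uses.
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class FakeClass:
    name: str
    super_class: Optional[str]  # parent class name, None at the root


class FakeLifter:
    """Holds application classes only, as the report describes."""

    def __init__(self, classes: List[FakeClass]):
        self.classes: Dict[str, FakeClass] = {c.name: c for c in classes}


def get_hierarchy_strict(lifter: FakeLifter, cls_name: Optional[str]) -> List[str]:
    """Indexes every ancestor, so it raises KeyError at a library class."""
    chain = []
    while cls_name is not None:
        clx = lifter.classes[cls_name]
        chain.append(clx.name)
        cls_name = clx.super_class
    return chain


def get_hierarchy_tolerant(lifter, cls_name) -> Tuple[List[str], Optional[str]]:
    """Returns (application chain, first unloaded class name or None)."""
    chain, seen = [], set()
    while cls_name is not None and cls_name not in seen:
        seen.add(cls_name)  # guard against a cyclic class map
        clx = lifter.classes.get(cls_name)
        if clx is None:
            return chain, cls_name  # library boundary, e.g. java.lang.Object
        chain.append(clx.name)
        cls_name = clx.super_class
    return chain, None


# Constructed sample: two application classes rooted in java.lang.Object.
SAMPLE = FakeLifter([
    FakeClass("com.example.app.BaseCmd", "java.lang.Object"),
    FakeClass("com.example.app.SendCmd", "com.example.app.BaseCmd"),
])
```

Stopping at the boundary only suits callers that do not need methods inherited from library classes; otherwise those classes have to be loaded as well.
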
  • 'Apk' object has no attribute 'lifter'

    Hello:

    I use angr (version 9.0.8021) to run the command

    python sweet_spot_finder_angr.py ./abdo.free.remote.samsung.tv.apk
    

    But the result is something like this:

    Traceback (most recent call last):
      File "sweet_spot_finder_angr.py", line 954, in <module>
        ssf = SweetSpotFinder(path_apk)
      File "sweet_spot_finder_angr.py", line 113, in __init__
        self.p = turi.Project(apk_path, input_format='apk', android_sdk=sdk_path, lifter=self.angr_p.loader.main_object.lifter)
    AttributeError: 'Apk' object has no attribute 'lifter'
    

    I want to know what version of angr you are using or do you know why this mistake happened?

    The turi I use is the one open-sourced by you at https://github.com/ucsb-seclab/turi/tree/main.

    Thanks

    opened by Yu3H0 0
Owner
seclab
The Computer Security Group at UC Santa Barbara