Bootstomp: On the security of bootloaders in mobile devices
作者: Yan Shoshitaishvili , Yanick Fratantonio , Christopher Kruegel , Antonio Bianchi , Giovanni Vigna
DOI:
关键词:
摘要: … We presented an analysis of modern mobile device bootloaders, and showed that current standards and guidelines are insufficient to guide developers toward creating secure solutions…
elsevier.com参考文章(13)
Tielei Wang, Zhiqiang Lin, Tao Wei, Wei Zou, IntScope: Automatically Detecting Integer Overflow Vulnerability in X86 Binary Using Symbolic Execution. network and distributed system security symposium. ,(2009)
Dawson Engler, David A. Ramos, Under-constrained symbolic execution: correctness checking for real code usenix security symposium. pp. 49- 64 ,(2015)
Dinghao Wu, Jiang Ming, Gaoyao Xiao, Peng Liu, Jun Wang, TaintPipe: pipelined symbolic taint analysis usenix security symposium. pp. 65- 80 ,(2015)
Jonas Zaddach, Luca Bruno, Aurélien Francillon, Davide Balzarotti, AVATAR: A framework to support dynamic security analysis of embedded systems' firmwares network and distributed system security symposium. ,(2014) , 10.14722/NDSS.2014.23229
Yan Shoshitaishvili, Ruoyu Wang, Christophe Hauser, Christopher Kruegel, Giovanni Vigna, None, Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware. network and distributed system security symposium. ,(2015) , 10.14722/NDSS.2015.23294
Xinran Wang, Yoon-Chan Jhi, Sencun Zhu, Peng Liu, STILL: Exploit Code Detection via Static Taint and Initialization Analyses annual computer security applications conference. pp. 289- 298 ,(2008) , 10.1109/ACSAC.2008.37
Vincent Zimmer, Lee Rosenbaum, John Loucaides, Oleksandr Bazhaniuk, Mark R. Tuttle, Symbolic execution for BIOS security WOOT'15 Proceedings of the 9th USENIX Conference on Offensive Technologies. pp. 8- 8 ,(2015)
Sang Kil Cha, Thanassis Avgerinos, Alexandre Rebert, David Brumley, Unleashing Mayhem on Binary Code ieee symposium on security and privacy. pp. 380- 394 ,(2012) , 10.1109/SP.2012.31
Karl Koscher, David Molnar, Tadayoshi Kohno, SURROGATES: enabling near-real-time dynamic analyses of embedded systems WOOT'15 Proceedings of the 9th USENIX Conference on Offensive Technologies. pp. 7- 7 ,(2015)
Simone Mutti, Yanick Fratantonio, Antonio Bianchi, Luca Invernizzi, Jacopo Corbetta, Dhilung Kirat, Christopher Kruegel, Giovanni Vigna, BareDroid: Large-Scale Analysis of Android Apps on Real Devices annual computer security applications conference. pp. 71- 80 ,(2015) , 10.1145/2818000.2818036