Wenqing Fan scite author profile

Wenqing Fan

4Publications

6Citation Statements Received

144Citation Statements Given

How they've been cited

How they cite others

144

Affiliations

Communication University of China

Publications

Order By: Most citations

PDFuzzerGen: Policy-Driven Black-Box Fuzzer Generation for Smart Devices

Cheng

Fan

Huang

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

Black-box fuzzing is a testing technique to find both known and unknown vulnerabilities in software. When applying black-box fuzzing to smart devices, the main idea is to take a smart device as a black box and provide random input through a network-based interface, such as a Web interface. Due to the diversity of Web interface implementations and complex data format, a blind mutation of the message makes the message unable to pass the verification of the device component. Therefore, each Web interface needs a unique fuzzer, which precisely defines a message format of the target interface, a state maintenance method, the field positions to be mutated, and a specific input mutation method. At the time of writing, a fuzzer is completely developed by a security engineer. To save human labor, we present PDFuzzerGen, a tool to automatically synthesize complex black-box fuzzers for smart devices. PDFuzzerGen generates multiple fuzzing policies by analyzing raw messages and then synthesizes fuzzers based on policies. PDFuzzerGen requires no human intervention and can be applied to a wide range of smart devices. Furthermore, the generated fuzzers can expose bugs and flaws that rest deep in smart devices. PDFuzzerGen was evaluated to generate fuzzers for 19 different smart devices from 6 vendors. It has found 14 previously unknown vulnerabilities, 5 of which were confirmed and disclosed by the China National Vulnerability Database (CNVD) and 2 of which were confirmed and disclosed by Common Vulnerabilities and Exposures (CVE). The generated fuzzers outperform some manually crafted fuzzers on a few metrics, including the vulnerability detection rate and time cost of a newly developed fuzzer, which demonstrates the effectiveness and efficiency of PDFuzzerGen.

show abstract

IoTFuzzBench: A Pragmatic Benchmarking Framework for Evaluating IoT Black-Box Protocol Fuzzers

et al. 2023

View full text Add to dashboard Cite

High scalability and low operating cost make black-box protocol fuzzing a vital tool for discovering vulnerabilities in the firmware of IoT smart devices. However, it is still challenging to compare black-box protocol fuzzers due to the lack of unified benchmark firmware images, complete fuzzing mutation seeds, comprehensive performance metrics, and a standardized evaluation framework. In this paper, we design and implement IoTFuzzBench, a scalable, modular, metric-driven automation framework for evaluating black-box protocol fuzzers for IoT smart devices comprehensively and quantitatively. Specifically, IoTFuzzBench has so far included 14 real-world benchmark firmware images, 30 verified real-world benchmark vulnerabilities, complete fuzzing seeds for each vulnerability, 7 popular fuzzers, and 5 categories of complementary performance metrics. We deployed IoTFuzzBench and evaluated 7 popular black-box protocol fuzzers on all benchmark firmware images and benchmark vulnerabilities. The experimental results show that IoTFuzzBench can not only provide fast, reliable, and reproducible experiments, but also effectively evaluate the ability of each fuzzer to find vulnerabilities and the differential performance on different performance metrics. The fuzzers found a total of 13 vulnerabilities out of 30. None of these fuzzers can outperform the others on all metrics. This result demonstrates the importance of comprehensive metrics. We hope our findings ease the burden of fuzzing evaluation in IoT scenarios, advancing more pragmatic and reproducible fuzzer benchmarking efforts.

show abstract

APT Encrypted Traffic Detection Method based on Two-Parties and Multi-Session for IoT

Lin

Fan

et al. 2023

Preprint

View full text Add to dashboard Cite

The rise of IoT devices has led to an increase in network endpoints, making Advanced Persistent Threat (APT) attacks a significant concern. APT attacks typically use encrypted communication protocols, making traditional detection methods less effective. Machine learning-based APT encrypted traffic detection methods have been proposed but are limited in their efficacy. In this paper, we propose a novel APT encrypted traffic detection method based on two parties and multi-session analysis. The method extracts a limited set of features from network traffic, including session sequence, session time interval, upstream and downstream data size, which are then transformed into images. These images are subsequently fed into a convolutional neural network (CNN) to recognize patterns and identify network traffic. The proposed method was evaluated through five experiments, demonstrating significant success in detecting APT attacks. The use of multi-session analysis provided a comprehensive view of network traffic, enabling more accurate APT attack detection. The proposed method offers potential for deployment in enterprise security, with implications for the development of more effective APT detection methods.

show abstract

FIoTFuzzer: Response-Based Black-Box fuzzing for IoT Devices

Huang

Fan

et al. 2022

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Wenqing Fan

PDFuzzerGen: Policy-Driven Black-Box Fuzzer Generation for Smart Devices

IoTFuzzBench: A Pragmatic Benchmarking Framework for Evaluating IoT Black-Box Protocol Fuzzers

APT Encrypted Traffic Detection Method based on Two-Parties and Multi-Session for IoT

FIoTFuzzer: Response-Based Black-Box fuzzing for IoT Devices

Contact Info

Product

Resources

About