Communication-Traffic-Assisted Mining and Exploitation of Buffer Overflow Vulnerabilities in ADASs

Li, Yufeng; Liu, M B; Cao, Chenhong; Li, Jiangtao

doi:10.3390/fi15050185

Cited by 3 publications

(1 citation statement)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Existing research on vulnerability exploitation can efficiently discover a large number of program errors, and the description of exploitation methods has become more refined [30][31][32]. However, current research lacks fine-grained modeling and analysis of vulnerability exploitation scenarios, overlooks details in attack scenarios, and has vague path selection analysis for exploitation.…”

Section: Related Workmentioning

confidence: 99%

Fine-Grained Modeling of ROP Vulnerability Exploitation Process under Stack Overflow Based on Petri Nets

Zhang,

Wang

et al. 2023

Electronics

View full text Add to dashboard Cite

Software vulnerability discovery is currently a hot topic, and buffer overflow remains a prevalent security vulnerability. One of the key issues in vulnerability discovery and analysis is how to quickly analyze buffer overflow vulnerabilities and select critical exploitation paths. Existing modeling methods for vulnerability exploitation cannot accurately reflect the fine-grained execution process of stack overflow exploitation paths. This paper, based on the discussion of buffer overflow exploitation techniques, proposes a fine-grained modeling and analysis method based on Petri nets for the selection and execution of exploitation processes, specifically focusing on the return-oriented programming in stack overflow. Through qualitative analysis, we compared the simulated time of the software with the execution time of existing exploitation tools, achieving timeout-based simulation experiments. We validated the model’s effectiveness using symbolic execution and dynamic analysis techniques. The results indicate that this model performs well for vulnerable programs with Position Independent Executable (PIE) protection enabled and has an advantage in selecting exploitation paths, enabling timeout-based simulation. This method provides a reference for rapidly constructing exploitation implementations.

show abstract

Section: Related Workmentioning

confidence: 99%

Fine-Grained Modeling of ROP Vulnerability Exploitation Process under Stack Overflow Based on Petri Nets

Zhang,

Wang

et al. 2023

Electronics

View full text Add to dashboard Cite

show abstract

Securing the Future: A Comprehensive Review of Security Challenges and Solutions in Advanced Driver Assistance Systems

Mehta,

Padaria,

Bavisi

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Advanced Driver Assistance Systems (ADAS) are advanced technologies that assist drivers with vehicle operation and navigation. Recent improvements and brisk expansion in the ADAS market, as well as an increase in the frequency of incidents such as sensor spoofing, communication interruption etc., in autonomous vehicles (AVs), have raised the need to research ADAS security technology. The security issues raised by incorporating these technologies into automobiles must be addressed to protect the privacy and safety of passengers and other road users. As a result, the purpose of this research is to investigate the security issues that arise from the integration of ADAS technologies. Addressing these challenges holds the potential to establish a foundation for enhanced safety and dependability within transportation networks amidst the ongoing advancements in vehicle technology. This paper starts by describing the vulnerabilities, threats, assaults, and defense mechanisms of the ADAS. It then delves into the attacks and countermeasures in three categories, namely VANET, Hardware, and Adversarial attacks.VANET attacks encompass threats targeting Vehicular Ad Hoc Networks, aiming to disrupt communication among vehicles or between vehicles and infrastructure. Hardware attacks focus on vulnerabilities within the physical components of ADAS, including sensors, processors, or communication modules. Adversarial attacks involve deliberate manipulations or perturbations introduced into machine learning models or algorithms utilized within ADAS. These attacks aim to deceive or undermine the functionality of AI-based systems, causing misclassification, compromising system integrity, and posing risks to user safety by exploiting vulnerabilities in the AI decision-making process. Finally, this study highlights potential areas for future research, such as the utilization of artificial intelligence (AI), the necessity of industry-wide standardization, and recommends specific future work tailored to each attack described in the corresponding sections. INDEX TERMS ADAS, Advanced Driver Assistance Systems, Attacks, Countermeasures, Defences, Security, Threats I. INTRODUCTION ADAS stands for "Advanced Driver Assistance System". It describes a group of electronic devices and technologies that help drivers operate their cars more safely and effectively. ADAS has numerous electrical and digital tools that aid drivers in minimizing errors and performing parking functions, among other things. The primary goal of this study is to lessen human mistakes and prevent accidents through technologies like automatic emergency braking, collision avoidance, lane-keeping assistance, and autonomous cruise

show abstract

Research and Design of Active Security Protection Strategy for Charging Piles Based on Vulnerability Mining

Liu,

Zhou,

Wang

et al. 2023

Proceedings of the 2023 3rd International Conference on Big Data, Artificial Intelligence and Risk Management

View full text Add to dashboard Cite

Communication-Traffic-Assisted Mining and Exploitation of Buffer Overflow Vulnerabilities in ADASs

Cited by 3 publications

References 14 publications

Fine-Grained Modeling of ROP Vulnerability Exploitation Process under Stack Overflow Based on Petri Nets

Fine-Grained Modeling of ROP Vulnerability Exploitation Process under Stack Overflow Based on Petri Nets

Securing the Future: A Comprehensive Review of Security Challenges and Solutions in Advanced Driver Assistance Systems

Research and Design of Active Security Protection Strategy for Charging Piles Based on Vulnerability Mining

Contact Info

Product

Resources

About