Towards Automated Detection of Higher-Order Command Injection Vulnerabilities in IoT Devices: Fuzzing With Dynamic Data Flow Analysis

Lei Yu, Haoyu Wang, Linyu Li, Houhua He
Copyright: © 2021 | Volume: 13 | Issue: 6 | Pages: 14
ISSN: 1941-6210 | EISSN: 1941-6229 | EISBN13: 9781799867531 | DOI: 10.4018/IJDCF.286755
Cite Article

MLA

Yu, Lei, et al. "Towards Automated Detection of Higher-Order Command Injection Vulnerabilities in IoT Devices: Fuzzing With Dynamic Data Flow Analysis." IJDCF vol.13, no.6 2021: pp.1-14. http://doi.org/10.4018/IJDCF.286755

APA

Yu, L., Wang, H., Li, L., & He, H. (2021). Towards Automated Detection of Higher-Order Command Injection Vulnerabilities in IoT Devices: Fuzzing With Dynamic Data Flow Analysis. International Journal of Digital Crime and Forensics (IJDCF), 13(6), 1-14. http://doi.org/10.4018/IJDCF.286755

Chicago

Yu, Lei, et al. "Towards Automated Detection of Higher-Order Command Injection Vulnerabilities in IoT Devices: Fuzzing With Dynamic Data Flow Analysis," International Journal of Digital Crime and Forensics (IJDCF) 13, no.6: 1-14. http://doi.org/10.4018/IJDCF.286755

Abstract

Command injection vulnerabilities are among the most common and dangerous attack vectors in IoT devices. Current detection approaches detect single-step injection vulnerabilities well through fuzz testing. However, an attacker could inject malicious commands into an IoT device via a multi-step exploit if he first abuses one interface to store the injection payload and later uses it in a command interpreter through another interface. To address these stealthy and harmful threats, we identify a large class of such multi-step injection attacks and define them as higher-order command injection vulnerabilities (HOCIVs). We develop an automatic system named Request Linking (ReLink) to detect data stores that would be transferred to command interpreters and then identify HOCIVs. ReLink is validated on an experimental embedded system injected with 150 HOCIVs. According to the experimental results, ReLink is significantly better than existing command injection detection tools in terms of detection rate, test space and time.
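
The store-then-use pattern the abstract describes can be shown on a toy device model. This is an added example, not code from the paper and not ReLink's algorithm: the handlers, the `ntp_server` key and the marker value are all hypothetical, and commands are only recorded, never executed.

```python
import re

# Constructed toy device: two request handlers share one config store.
STORE = {}
SINK_LOG = []  # what would reach a command interpreter (recorded, never executed)

def set_ntp_server(value):
    """Interface 1 (hypothetical): only stores the input, builds no command."""
    STORE["ntp_server"] = value

def sync_time_unsafe():
    """Interface 2 (hypothetical): concatenates the stored value into a shell string."""
    cmd = "ntpdate " + STORE["ntp_server"]
    SINK_LOG.append(("shell", cmd))
    return cmd

def sync_time_safe():
    """Hardened interface 2: re-validates the stored value and uses an argv list."""
    host = STORE["ntp_server"]
    if not re.fullmatch(r"[A-Za-z0-9.-]{1,253}", host):
        raise ValueError("stored ntp_server is not a valid host name")
    argv = ["ntpdate", host]
    SINK_LOG.append(("argv", argv))
    return argv

def stored_value_reaches_shell(store_fn, trigger_fn, marker="probe-7f3a.example.test"):
    """Store a harmless unique marker through one interface, trigger another,
    and report whether the marker arrived inside a shell command string."""
    SINK_LOG.clear()
    store_fn(marker)
    trigger_fn()
    return any(kind == "shell" and marker in cmd for kind, cmd in SINK_LOG)

if __name__ == "__main__":
    print(stored_value_reaches_shell(set_ntp_server, sync_time_unsafe))
    print(stored_value_reaches_shell(set_ntp_server, sync_time_safe))
```

A single-request test of `set_ntp_server` alone sees no command at all, which is why the two requests have to be linked before the flaw is visible; the hardened handler validates at the point of use because the store itself cannot be trusted.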