{"id":"https://openalex.org/W2611384730","doi":"https://doi.org/10.1007/978-3-319-58469-0_15","title":"The Fuzzing Awakens: File Format-Aware Mutational Fuzzing on Smartphone Media Server Daemons","display_name":"The Fuzzing Awakens: File Format-Aware Mutational Fuzzing on Smartphone Media Server Daemons","publication_year":2017,"publication_date":"2017-01-01","ids":{"openalex":"https://openalex.org/W2611384730","doi":"https://doi.org/10.1007/978-3-319-58469-0_15","mag":"2611384730"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-319-58469-0_15","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-319-58469-0_15","pdf_url":null,"source":{"id":"https://openalex.org/S4210185096","display_name":"IFIP advances in information and communication technology","issn_l":"1868-422X","issn":["1868-422X","1868-4238"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP Advances in Information and Communication Technology","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://inria.hal.science/hal-01649011","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5065347179","display_name":"MinSik Shin","orcid":null},"institutions":[{"id":"https://openalex.org/I193775966","display_name":"Yonsei University","ror":"https://ror.org/01wjejq96","country_code":"KR","type":"education","lineage":["https://openalex.org/I193775966"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"MinSik Shin","raw_affiliation_strings":["Information Security Lab, Yonsei University, Seoul, 03722, Korea"],"affiliations":[{"raw_affiliation_string":"Information Security Lab, Yonsei University, Seoul, 03722, Korea","institution_ids":["https://openalex.org/I193775966"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079725081","display_name":"JungBeen Yu","orcid":null},"institutions":[{"id":"https://openalex.org/I193775966","display_name":"Yonsei University","ror":"https://ror.org/01wjejq96","country_code":"KR","type":"education","lineage":["https://openalex.org/I193775966"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"JungBeen Yu","raw_affiliation_strings":["Information Security Lab, Yonsei University, Seoul, 03722, Korea"],"affiliations":[{"raw_affiliation_string":"Information Security Lab, Yonsei University, Seoul, 03722, Korea","institution_ids":["https://openalex.org/I193775966"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5113807533","display_name":"YoungJin Yoon","orcid":null},"institutions":[{"id":"https://openalex.org/I193775966","display_name":"Yonsei University","ror":"https://ror.org/01wjejq96","country_code":"KR","type":"education","lineage":["https://openalex.org/I193775966"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"YoungJin Yoon","raw_affiliation_strings":["Information Security Lab, Yonsei University, Seoul, 03722, Korea"],"affiliations":[{"raw_affiliation_string":"Information Security Lab, Yonsei University, Seoul, 03722, Korea","institution_ids":["https://openalex.org/I193775966"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5090551692","display_name":"Taekyoung Kwon","orcid":"https://orcid.org/0000-0002-5513-0836"},"institutions":[{"id":"https://openalex.org/I193775966","display_name":"Yonsei University","ror":"https://ror.org/01wjejq96","country_code":"KR","type":"education","lineage":["https://openalex.org/I193775966"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Taekyoung Kwon","raw_affiliation_strings":["Information Security Lab, Yonsei University, Seoul, 03722, Korea"],"affiliations":[{"raw_affiliation_string":"Information Security Lab, Yonsei University, Seoul, 03722, Korea","institution_ids":["https://openalex.org/I193775966"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5065347179"],"corresponding_institution_ids":["https://openalex.org/I193775966"],"apc_list":null,"apc_paid":null,"fwci":0.3346,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.46886617,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"219","last_page":"232"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9954000115394592,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9501846432685852},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7445049285888672},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7277432680130005},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.5283625721931458},{"id":"https://openalex.org/keywords/crash","display_name":"Crash","score":0.46133410930633545},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.439524382352829},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.42027080059051514},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.25520968437194824},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.09387359023094177}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9501846432685852},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7445049285888672},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7277432680130005},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.5283625721931458},{"id":"https://openalex.org/C183469790","wikidata":"https://www.wikidata.org/wiki/Q333501","display_name":"Crash","level":2,"score":0.46133410930633545},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.439524382352829},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.42027080059051514},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.25520968437194824},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.09387359023094177}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/978-3-319-58469-0_15","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-319-58469-0_15","pdf_url":null,"source":{"id":"https://openalex.org/S4210185096","display_name":"IFIP advances in information and communication technology","issn_l":"1868-422X","issn":["1868-422X","1868-4238"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP Advances in Information and Communication Technology","raw_type":"book-chapter"},{"id":"pmh:oai:HAL:hal-01649011v1","is_oa":true,"landing_page_url":"https://inria.hal.science/hal-01649011","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"32th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), May 2017, Rome, Italy. pp.219-232, ⟨10.1007/978-3-319-58469-0_15⟩","raw_type":"Conference papers"}],"best_oa_location":{"id":"pmh:oai:HAL:hal-01649011v1","is_oa":true,"landing_page_url":"https://inria.hal.science/hal-01649011","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"32th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), May 2017, Rome, Italy. pp.219-232, ⟨10.1007/978-3-319-58469-0_15⟩","raw_type":"Conference papers"},"sustainable_development_goals":[{"score":0.8299999833106995,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":29,"referenced_works":["https://openalex.org/W31771106","https://openalex.org/W116656696","https://openalex.org/W157156687","https://openalex.org/W614438062","https://openalex.org/W1531203382","https://openalex.org/W1546956568","https://openalex.org/W1769343819","https://openalex.org/W1976878954","https://openalex.org/W2000414759","https://openalex.org/W2002934700","https://openalex.org/W2015903771","https://openalex.org/W2042033151","https://openalex.org/W2049867480","https://openalex.org/W2054198140","https://openalex.org/W2065948900","https://openalex.org/W2107510936","https://openalex.org/W2128128820","https://openalex.org/W2128985333","https://openalex.org/W2132897303","https://openalex.org/W2140839850","https://openalex.org/W2163362445","https://openalex.org/W2515729214","https://openalex.org/W2535617737","https://openalex.org/W2574017551","https://openalex.org/W2766295568","https://openalex.org/W3160978791","https://openalex.org/W4232884709","https://openalex.org/W4240738830","https://openalex.org/W6606430823"],"related_works":["https://openalex.org/W2511770387","https://openalex.org/W3120811337","https://openalex.org/W3203597304","https://openalex.org/W4385301282","https://openalex.org/W2990186179","https://openalex.org/W4248424560","https://openalex.org/W3023977444","https://openalex.org/W2766647240","https://openalex.org/W4210660460","https://openalex.org/W1565885216"],"abstract_inverted_index":{"Media":[0],"server":[1],"daemons,":[2],"running":[3],"with":[4,83],"a":[5,24,61,97,108,115,157,201,224],"high":[6],"privilege":[7],"in":[8,47,136,147,156,180,185,213,231],"the":[9,75,86,127,208],"background,":[10],"are":[11,38],"attractive":[12],"attack":[13],"vectors":[14],"that":[15,95,207],"exist":[16],"across":[17],"various":[18],"systems":[19],"including":[20],"smartphones.":[21],"Fuzzing":[22],"is":[23,44],"popularly":[25],"used":[26],"methodology":[27],"to":[28,113,126,166,190,195,218],"find":[29],"software":[30],"vulnerabilities":[31],"although":[32],"symbolic":[33],"execution":[34],"and":[35,80,92,119,160,183,233,238],"advanced":[36],"techniques":[37],"obviously":[39],"promising.":[40],"Unfortunately,":[41],"fuzzing":[42,59,73],"itself":[43],"not":[45],"effective":[46,145],"such":[48],"format-strict":[49],"environments":[50],"as":[51,60],"media":[52],"services.":[53],"Thus,":[54],"we":[55,106,131,175,192],"study":[56],"file":[57,90,110],"format-aware":[58],"technical":[62],"blend":[63],"for":[64],"finding":[65],"new":[66,209],"vulnerabilities.":[67],"We":[68,138,150],"present":[69],"our":[70,104],"black-box":[71],"mutational":[72],"on":[74],"latest":[76],"smartphone":[77],"systems,":[78],"Android":[79,186],"iOS,":[81],"respectively,":[82],"manipulation":[84],"of":[85,100,173,226],"MPEG-4":[87],"Part":[88],"14":[89],"format":[91],"show":[93],"results":[94],"affect":[96],"wide":[98],"range":[99],"related":[101],"systems.":[102,168],"In":[103],"approach,":[105],"automate":[107],"seed":[109,141],"selection":[111],"process":[112],"crawl":[114],"crowd-sourcing":[116],"public":[117],"website":[118],"validate":[120],"arbitrary":[121,220],"m4a/mp4":[122],"audio":[123],"files":[124,142],"according":[125],"FOURCC":[128],"atom":[129],"list":[130],"gained":[132],"through":[133,200],"white-box":[134],"analysis":[135],"Android.":[137],"acquired":[139],"eight":[140],"covering":[143],"all":[144],"atoms":[146,179,211],"2,600":[148],"s.":[149],"then":[151],"performed":[152],"size":[153],"field":[154],"mutation":[155,202],"little":[158],"amount":[159],"generated":[161],"1,102":[162],"test":[163],"cases":[164],"common":[165],"both":[167],"During":[169],"six":[170],"CPU":[171],"hours":[172],"fuzzing,":[174],"identified":[176],"three":[177],"crash":[178,198,210],"iOS":[181,214,232],"9.3.5":[182],"15":[184],"6.0.1,":[187],"respectively.":[188],"Due":[189],"format-awareness,":[191],"were":[193],"able":[194],"easily":[196],"locate":[197],"points":[199],"table.":[203],"It":[204],"was":[205],"discovered":[206],"found":[212],"allowed":[215],"remote":[216],"attackers":[217],"execute":[219],"code":[221],"or":[222],"cause":[223],"denial":[225],"service":[227],"by":[228],"memory":[229],"corruption":[230],"also":[234],"OS":[235],"X,":[236],"tvOS":[237],"watchOS.":[239]},"counts_by_year":[{"year":2017,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}