{"id":"https://openalex.org/W4385080561","doi":"https://doi.org/10.1109/sp46215.2023.10179421","title":"RSFuzzer: Discovering Deep SMI Handler Vulnerabilities in UEFI Firmware with Hybrid Fuzzing","display_name":"RSFuzzer: Discovering Deep SMI Handler Vulnerabilities in UEFI Firmware with Hybrid Fuzzing","publication_year":2023,"publication_date":"2023-05-01","ids":{"openalex":"https://openalex.org/W4385080561","doi":"https://doi.org/10.1109/sp46215.2023.10179421"},"language":"en","primary_location":{"id":"doi:10.1109/sp46215.2023.10179421","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46215.2023.10179421","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5084474343","display_name":"Jiawei Yin","orcid":null},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Jiawei Yin","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","School of Cyber Security, University of Chinese Academy of Sciences, Beijing","Beijing Key Laboratory of Network Security and Protection Technology","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","institution_ids":["https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Beijing Key Laboratory of Network Security and Protection Technology","institution_ids":[]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101852727","display_name":"Menghao Li","orcid":"https://orcid.org/0000-0002-5333-7630"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Menghao Li","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing","Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","Beijing Key Laboratory of Network Security and Protection Technology"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","institution_ids":["https://openalex.org/I19820366"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"Beijing Key Laboratory of Network Security and Protection Technology","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068561556","display_name":"Yuekang Li","orcid":"https://orcid.org/0000-0003-4382-0757"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Yuekang Li","raw_affiliation_strings":["Nanyang Technological University"],"affiliations":[{"raw_affiliation_string":"Nanyang Technological University","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100419998","display_name":"Yong Yu","orcid":"https://orcid.org/0000-0002-0187-2439"},"institutions":[{"id":"https://openalex.org/I4210108629","display_name":"Computer Network Information Center","ror":"https://ror.org/01s0wyf50","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210108629"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yong Yu","raw_affiliation_strings":["Chinese Academy of Sciences,Key Laboratory of Network Assessment Technology","Beijing Key Laboratory of Network Security and Protection Technology","Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Key Laboratory of Network Assessment Technology","institution_ids":["https://openalex.org/I4210108629"]},{"raw_affiliation_string":"Beijing Key Laboratory of Network Security and Protection Technology","institution_ids":[]},{"raw_affiliation_string":"Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5104146621","display_name":"Boru Lin","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Boru Lin","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing","Beijing Key Laboratory of Network Security and Protection Technology","Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Beijing Key Laboratory of Network Security and Protection Technology","institution_ids":[]},{"raw_affiliation_string":"Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","institution_ids":["https://openalex.org/I19820366"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073354871","display_name":"Yanyan Zou","orcid":"https://orcid.org/0000-0003-4787-4832"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yanyan Zou","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","Beijing Key Laboratory of Network Security and Protection Technology","School of Cyber Security, University of Chinese Academy of Sciences, Beijing","Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"Beijing Key Laboratory of Network Security and Protection Technology","institution_ids":[]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100355692","display_name":"Yang Liu","orcid":"https://orcid.org/0000-0001-7300-9215"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Yang Liu","raw_affiliation_strings":["Nanyang Technological University"],"affiliations":[{"raw_affiliation_string":"Nanyang Technological University","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050683592","display_name":"Wei Huo","orcid":"https://orcid.org/0009-0000-7121-1196"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wei Huo","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","School of Cyber Security, University of Chinese Academy of Sciences, Beijing","Beijing Key Laboratory of Network Security and Protection Technology"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences","institution_ids":["https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Beijing Key Laboratory of Network Security and Protection Technology","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5024664385","display_name":"Jingling Xue","orcid":"https://orcid.org/0000-0003-0380-3506"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Jingling Xue","raw_affiliation_strings":["UNSW,Sydney","UNSW, Sydney"],"affiliations":[{"raw_affiliation_string":"UNSW,Sydney","institution_ids":["https://openalex.org/I31746571"]},{"raw_affiliation_string":"UNSW, Sydney","institution_ids":["https://openalex.org/I31746571"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":9,"corresponding_author_ids":["https://openalex.org/A5084474343"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":1.2205,"has_fulltext":false,"cited_by_count":7,"citation_normalized_percentile":{"value":0.83156134,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"2155","last_page":"2169"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.8769515752792358},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8453687429428101},{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.8293383121490479},{"id":"https://openalex.org/keywords/x86","display_name":"x86","score":0.6360493898391724},{"id":"https://openalex.org/keywords/interface","display_name":"Interface (matter)","score":0.6300842761993408},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.5976046919822693},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.5268275141716003},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.2918816804885864}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.8769515752792358},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8453687429428101},{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.8293383121490479},{"id":"https://openalex.org/C170723468","wikidata":"https://www.wikidata.org/wiki/Q182933","display_name":"x86","level":3,"score":0.6360493898391724},{"id":"https://openalex.org/C113843644","wikidata":"https://www.wikidata.org/wiki/Q901882","display_name":"Interface (matter)","level":4,"score":0.6300842761993408},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.5976046919822693},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.5268275141716003},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.2918816804885864},{"id":"https://openalex.org/C157915830","wikidata":"https://www.wikidata.org/wiki/Q2928001","display_name":"Bubble","level":2,"score":0.0},{"id":"https://openalex.org/C129307140","wikidata":"https://www.wikidata.org/wiki/Q6795880","display_name":"Maximum bubble pressure method","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/sp46215.2023.10179421","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46215.2023.10179421","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5600000023841858,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320337504","display_name":"Research and Development","ror":"https://ror.org/027s68j25"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W2255058406","https://openalex.org/W2574017551","https://openalex.org/W2734941459","https://openalex.org/W2741068848","https://openalex.org/W2752929869","https://openalex.org/W2782780792","https://openalex.org/W2891235722","https://openalex.org/W2899036588","https://openalex.org/W2914630606","https://openalex.org/W2947265301","https://openalex.org/W2963298680","https://openalex.org/W2964097210","https://openalex.org/W2984976544","https://openalex.org/W3007127028","https://openalex.org/W3015365135","https://openalex.org/W3015384571","https://openalex.org/W3048512654","https://openalex.org/W3092076559","https://openalex.org/W3136127207","https://openalex.org/W3136959626","https://openalex.org/W3212565000","https://openalex.org/W3212828841","https://openalex.org/W4284698041","https://openalex.org/W4353004773","https://openalex.org/W6741818149","https://openalex.org/W6753913213","https://openalex.org/W6760419517","https://openalex.org/W6766830175","https://openalex.org/W6774384908","https://openalex.org/W6776032291","https://openalex.org/W6776092528","https://openalex.org/W6779763331","https://openalex.org/W6781274470","https://openalex.org/W6781817248","https://openalex.org/W6800630555","https://openalex.org/W6840859848"],"related_works":["https://openalex.org/W3207216830","https://openalex.org/W4378373752","https://openalex.org/W2354251310","https://openalex.org/W3082045140","https://openalex.org/W4254787146","https://openalex.org/W2390939225","https://openalex.org/W2348052088","https://openalex.org/W4384155638","https://openalex.org/W2253836836","https://openalex.org/W2021362805"],"abstract_inverted_index":{"System":[0,52],"Management":[1,53],"Mode":[2],"(SMM)":[3],"is":[4,21,96,123,173],"a":[5,25,148,237],"secure":[6,26,157],"operation":[7],"mode":[8],"for":[9,125,139],"x86":[10],"processors":[11],"supported":[12],"by":[13,211,231,258,275,342],"Unified":[14],"Extensible":[15],"Firmware":[16],"Interface":[17],"(UEFI)":[18],"firmware.":[19],"SMM":[20,46,49,63,79,83,100],"designed":[22],"to":[23,29,71,113,134,156,176,192,198,218,223],"provide":[24],"execution":[27,80],"environment":[28],"access":[30],"highly":[31],"privileged":[32],"data":[33,75],"or":[34],"control":[35],"low-level":[36],"hardware":[37],"(such":[38],"as":[39,86],"power":[40],"management).":[41],"The":[42,278],"programs":[43],"running":[44],"in":[45,99,168,311,331],"are":[47,57,67,256],"called":[48,151],"drivers":[50,64],"and":[51,73,109,153,247,250,266,290,306,317],"Interrupt":[54],"(SMI)":[55],"handlers":[56],"the":[58,68,78,93,114,187,196,216,228,298,312,326],"most":[59,188],"important":[60,124],"components":[61,70],"of":[62,90,119,208,325],"since":[65],"they":[66],"only":[69,183],"receive":[72],"handle":[74],"from":[76,335],"outside":[77],"environment.":[81],"Although":[82,160],"can":[84,105,165,182,243,284],"serve":[85],"an":[87],"extra":[88],"layer":[89],"protection":[91,108],"when":[92],"operating":[94],"system":[95],"compromised,":[97],"vulnerabilities":[98,122,167,254,294,310,328],"drivers,":[101],"especially":[102],"SMI":[103,120,141,169,193,213,261],"handlers,":[104,170,194,214],"invalidate":[106],"this":[107,129],"cause":[110],"severe":[111],"damages":[112],"device.":[115],"Thus,":[116],"early":[117],"detection":[118],"handler":[121,142],"UEFI":[126,271,314],"firmware":[127,272,315],"security.To":[128],"end,":[130],"researchers":[131],"have":[132,205,339],"proposed":[133],"use":[135],"hybrid":[136,149,162,238,300],"fuzzing":[137,163,240,301],"techniques":[138,164],"detecting":[140],"vulnerabilities.":[143],"Particularly,":[144],"Intel":[145,158],"has":[146],"developed":[147],"fuzzer":[150],"Excite":[152,343],"uses":[154],"it":[155,268],"products.":[159],"existing":[161,232],"detect":[166,251,291],"their":[171],"effectiveness":[172],"limited":[174],"due":[175],"two":[177],"major":[178],"pitfalls:":[179],"1)":[180],"They":[181,204],"feed":[184],"input":[185,190,201,245],"through":[186],"common":[189],"interface":[191,246],"lacking":[195,215],"ability":[197,217],"utilize":[199],"other":[200],"interfaces.":[202],"2)":[203],"no":[206],"awareness":[207],"variables":[209],"shared":[210],"multiple":[212,260],"explore":[219],"code":[220],"segments":[221],"related":[222],"such":[224],"variables.":[225],"By":[226],"addressing":[227],"challenges":[229],"faced":[230],"works,":[233],"we":[234,304],"propose":[235],"RSFuzzer,":[236],"greybox":[239],"technique":[241],"which":[242,255,337],"learn":[244],"format":[248],"information":[249],"deeply":[252],"hidden":[253],"triggered":[257],"invoking":[259],"handlers.":[262],"We":[263],"implemented":[264],"RSFuzzer":[265,283],"evaluated":[267,313],"on":[269,295],"16":[270],"images":[273,316],"provided":[274],"six":[276],"vendors.":[277],"experiment":[279],"results":[280],"show":[281],"that":[282],"cover":[285],"617%":[286],"more":[287,293],"basic":[288],"blocks":[289],"828%":[292],"average":[296],"than":[297],"state-of-the-art":[299],"technique.":[302],"Moreover,":[303],"found":[305,330],"reported":[307],"65":[308],"0-day":[309,327],"14":[318],"CVE":[319],"IDs":[320],"were":[321,329],"assigned.":[322],"Noticeably,":[323],"6":[324],"commercial-off-the-shelf":[332],"(COTS)":[333],"products":[334],"Intel,":[336],"might":[338],"been":[340],"tested":[341],"before":[344],"releasing.":[345]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":1}],"updated_date":"2026-03-27T14:29:43.386196","created_date":"2025-10-10T00:00:00"}