{"id":"https://openalex.org/W4404101430","doi":"https://doi.org/10.1109/tcad.2024.3447220","title":"<i>ECG</i>: Augmenting Embedded Operating System Fuzzing via LLM-Based Corpus Generation","display_name":"<i>ECG</i>: Augmenting Embedded Operating System Fuzzing via LLM-Based Corpus Generation","publication_year":2024,"publication_date":"2024-11-01","ids":{"openalex":"https://openalex.org/W4404101430","doi":"https://doi.org/10.1109/tcad.2024.3447220"},"language":"en","primary_location":{"id":"doi:10.1109/tcad.2024.3447220","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tcad.2024.3447220","pdf_url":null,"source":{"id":"https://openalex.org/S100835903","display_name":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems","issn_l":"0278-0070","issn":["0278-0070","1937-4151"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5024778103","display_name":"Qiang Zhang","orcid":"https://orcid.org/0000-0003-1954-8925"},"institutions":[{"id":"https://openalex.org/I16609230","display_name":"Hunan University","ror":"https://ror.org/05htk5m33","country_code":"CN","type":"education","lineage":["https://openalex.org/I16609230"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Qiang Zhang","raw_affiliation_strings":["College of Computer Science and Electronic Engineering, Hunan University, Changsha, China"],"affiliations":[{"raw_affiliation_string":"College of Computer Science and Electronic Engineering, Hunan University, Changsha, China","institution_ids":["https://openalex.org/I16609230"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031776155","display_name":"Yuheng Shen","orcid":"https://orcid.org/0000-0002-2667-5431"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuheng Shen","raw_affiliation_strings":["KLISS, BNRist, School of Software, Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"KLISS, BNRist, School of Software, Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100693298","display_name":"Jianzhong Liu","orcid":"https://orcid.org/0000-0003-3612-4315"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jianzhong Liu","raw_affiliation_strings":["KLISS, BNRist, School of Software, Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"KLISS, BNRist, School of Software, Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015388159","display_name":"Yiru Xu","orcid":"https://orcid.org/0000-0002-9386-1453"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yiru Xu","raw_affiliation_strings":["KLISS, BNRist, School of Software, Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"KLISS, BNRist, School of Software, Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079764771","display_name":"Heyuan Shi","orcid":"https://orcid.org/0000-0002-9040-7247"},"institutions":[{"id":"https://openalex.org/I139660479","display_name":"Central South University","ror":"https://ror.org/00f1zfq44","country_code":"CN","type":"education","lineage":["https://openalex.org/I139660479"]},{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Heyuan Shi","raw_affiliation_strings":["School of Electronic Information, Central South University, Changsha, China","Anhui Province Key Laboratory of Cyberspace Security Situation Awareness and Evaluation, College of Electronic Engineering, National University of Defense Technology, Hefei, China"],"affiliations":[{"raw_affiliation_string":"School of Electronic Information, Central South University, Changsha, China","institution_ids":["https://openalex.org/I139660479"]},{"raw_affiliation_string":"Anhui Province Key Laboratory of Cyberspace Security Situation Awareness and Evaluation, College of Electronic Engineering, National University of Defense Technology, Hefei, China","institution_ids":["https://openalex.org/I170215575"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060117799","display_name":"Yu Jiang","orcid":"https://orcid.org/0000-0003-0955-503X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yu Jiang","raw_affiliation_strings":["KLISS, BNRist, School of Software, Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"KLISS, BNRist, School of Software, Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5072023674","display_name":"Wanli Chang","orcid":"https://orcid.org/0000-0002-4053-8898"},"institutions":[{"id":"https://openalex.org/I16609230","display_name":"Hunan University","ror":"https://ror.org/05htk5m33","country_code":"CN","type":"education","lineage":["https://openalex.org/I16609230"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wanli Chang","raw_affiliation_strings":["College of Computer Science and Electronic Engineering, Hunan University, Changsha, China"],"affiliations":[{"raw_affiliation_string":"College of Computer Science and Electronic Engineering, Hunan University, Changsha, China","institution_ids":["https://openalex.org/I16609230"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5024778103"],"corresponding_institution_ids":["https://openalex.org/I16609230"],"apc_list":null,"apc_paid":null,"fwci":3.1409,"has_fulltext":false,"cited_by_count":9,"citation_normalized_percentile":{"value":0.92467733,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"43","issue":"11","first_page":"4238","last_page":"4249"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.7466999888420105,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.7466999888420105,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11021","display_name":"ECG Monitoring and Analysis","score":0.732699990272522,"subfield":{"id":"https://openalex.org/subfields/2705","display_name":"Cardiology and Cardiovascular Medicine"},"field":{"id":"https://openalex.org/fields/27","display_name":"Medicine"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9234819412231445},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5671461820602417},{"id":"https://openalex.org/keywords/natural-language-processing","display_name":"Natural language processing","score":0.3949534595012665},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2162320613861084},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.058082759380340576}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9234819412231445},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5671461820602417},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.3949534595012665},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2162320613861084},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.058082759380340576}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tcad.2024.3447220","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tcad.2024.3447220","pdf_url":null,"source":{"id":"https://openalex.org/S100835903","display_name":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems","issn_l":"0278-0070","issn":["0278-0070","1937-4151"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/7","score":0.6499999761581421,"display_name":"Affordable and clean energy"}],"awards":[{"id":"https://openalex.org/G5319654362","display_name":null,"funder_award_id":"62202500","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6676106116","display_name":null,"funder_award_id":"2023JJ40772","funder_id":"https://openalex.org/F4320322843","funder_display_name":"Natural Science Foundation of\u00a0Hunan Province"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320322843","display_name":"Natural Science Foundation of\u00a0Hunan Province","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":30,"referenced_works":["https://openalex.org/W2964097210","https://openalex.org/W3177813494","https://openalex.org/W3200602700","https://openalex.org/W3207016455","https://openalex.org/W4246166885","https://openalex.org/W4281741991","https://openalex.org/W4286750487","https://openalex.org/W4308477756","https://openalex.org/W4362515116","https://openalex.org/W4376122390","https://openalex.org/W4378591002","https://openalex.org/W4386185625","https://openalex.org/W4386569390","https://openalex.org/W4388716309","https://openalex.org/W4390528935","https://openalex.org/W4391583855","https://openalex.org/W4391974543","https://openalex.org/W4392414327","https://openalex.org/W4397028768","https://openalex.org/W4398239248","https://openalex.org/W4402263940","https://openalex.org/W4402665833","https://openalex.org/W6754293714","https://openalex.org/W6797151147","https://openalex.org/W6798182279","https://openalex.org/W6840793632","https://openalex.org/W6851775633","https://openalex.org/W6852417946","https://openalex.org/W6858876843","https://openalex.org/W6860329609"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2511770387","https://openalex.org/W3120811337","https://openalex.org/W2766647240","https://openalex.org/W4385301282","https://openalex.org/W2990186179","https://openalex.org/W3203597304","https://openalex.org/W4248424560"],"abstract_inverted_index":{"Embedded":[0,25,50,68,149,162,220],"operating":[1,22],"systems":[2],"(Embedded":[3],"OSs)":[4],"power":[5],"much":[6,15,32],"of":[7,186,199,218],"our":[8],"critical":[9],"infrastructure":[10],"but":[11],"are,":[12],"in":[13,39,159,207],"general,":[14],"less":[16,33],"tested":[17],"for":[18,88],"bugs":[19,158],"than":[20],"general-purpose":[21],"systems.":[23],"Fuzzing":[24],"OSs":[26],"encounter":[27],"significant":[28],"roadblocks":[29],"due":[30],"to":[31,59,98,120,131,171,212],"documented":[34],"specifications,":[35],"an":[36,49,116,166,195],"inherent":[37],"ineffectiveness":[38],"generating":[40,72,93],"high-quality":[41],"payloads.":[42],"In":[43],"this":[44],"article,":[45],"we":[46],"propose":[47],"ECG,":[48],"OS":[51,69,150,163],"fuzzer":[52],"empowered":[53,113],"by":[54,70,114],"large":[55],"language":[56],"models":[57],"(LLMs)":[58],"sufficiently":[60],"mitigate":[61],"the":[62,99,122,133,213,219],"aforementioned":[63],"issues.":[64],"ECG":[65,140,178],"approaches":[66],"fuzzing":[67],"automatically":[71],"input":[73,101],"specifications":[74,102],"based":[75],"on":[76,165],"readily":[77],"available":[78],"source":[79],"code":[80,183],"and":[81,84,92,103,153,155,176,191,216],"documentation,":[82],"instrumenting":[83],"intercepting":[85],"execution":[86],"behavior":[87],"directional":[89,104],"guidance":[90],"information,":[91],"inputs":[94],"with":[95,194],"payloads":[96],"according":[97],"pregenerated":[100],"hints":[105],"provided":[106],"from":[107,124],"previous":[108],"runs.":[109],"These":[110,201],"methods":[111],"are":[112],"using":[115,127],"interactive":[117],"refinement":[118],"method":[119],"extract":[121],"most":[123],"LLMs":[125],"while":[126],"established":[128],"parsing":[129],"checkers":[130],"validate":[132],"outputs.":[134],"Our":[135],"evaluation":[136],"results":[137,202],"demonstrate":[138],"that":[139],"uncovered":[141],"32":[142],"new":[143],"vulnerabilities":[144],"across":[145],"three":[146],"popular":[147],"open-source":[148],"(RT-Linux,":[151],"RaspiOS,":[152],"OpenWrt)":[154],"detected":[156],"ten":[157],"a":[160],"commercial":[161],"running":[164],"actual":[167],"device.":[168],"Moreover,":[169],"compared":[170],"Syzkaller,":[172],"Moonshine,":[173],"KernelGPT,":[174],"Rtkaller,":[175],"DRLF,":[177],"has":[179],"achieved":[180],"additional":[181],"kernel":[182],"coverage":[184],"improvements":[185],"23.20%,":[187],"19.46%,":[188],"10.96%,":[189],"15.47%,":[190],"11.05%,":[192],"respectively,":[193],"overall":[196,214],"average":[197],"improvement":[198],"16.02%.":[200],"underscore":[203],"ECG\u2019s":[204],"enhanced":[205],"capability":[206],"uncovering":[208],"vulnerabilities,":[209],"thus":[210],"contributing":[211],"robustness":[215],"security":[217],"OS.":[221]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":8}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}