{"id":"https://openalex.org/W3030859822","doi":"https://doi.org/10.1145/3372799.3394363","title":"Exploiting the Trust Between Boundaries","display_name":"Exploiting the Trust Between Boundaries","publication_year":2020,"publication_date":"2020-05-29","ids":{"openalex":"https://openalex.org/W3030859822","doi":"https://doi.org/10.1145/3372799.3394363","mag":"3030859822"},"language":"en","primary_location":{"id":"doi:10.1145/3372799.3394363","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3372799.3394363","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The 21st ACM SIGPLAN/SIGBED Conference on Languages, Compilers, and Tools for Embedded Systems","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101913385","display_name":"Xiaoyu He","orcid":"https://orcid.org/0000-0002-5481-2763"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Xiaoyu He","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050175604","display_name":"Erick Bauman","orcid":"https://orcid.org/0009-0004-4804-4261"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Erick Bauman","raw_affiliation_strings":["University of Texas at Dallas, Dallas, TX, USA"],"affiliations":[{"raw_affiliation_string":"University of Texas at Dallas, Dallas, TX, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100448952","display_name":"Feng Li","orcid":"https://orcid.org/0000-0002-9711-3452"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Feng Li","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100774255","display_name":"Yu Lei","orcid":"https://orcid.org/0000-0003-4321-0385"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lei Yu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101937753","display_name":"Linyu Li","orcid":"https://orcid.org/0000-0003-3942-4014"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Linyu Li","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012411460","display_name":"Bingchang Liu","orcid":"https://orcid.org/0009-0003-9380-6168"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Bingchang Liu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034163271","display_name":"Aihua Piao","orcid":null},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Aihua Piao","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051312448","display_name":"Kevin W. Hamlen","orcid":"https://orcid.org/0000-0003-0479-6280"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kevin W. Hamlen","raw_affiliation_strings":["University of Texas at Dallas, Dallas, TX, USA"],"affiliations":[{"raw_affiliation_string":"University of Texas at Dallas, Dallas, TX, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050683592","display_name":"Wei Huo","orcid":"https://orcid.org/0009-0000-7121-1196"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wei Huo","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5108286207","display_name":"Wei Zou","orcid":"https://orcid.org/0000-0003-4215-5361"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wei Zou","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":10,"corresponding_author_ids":["https://openalex.org/A5101913385"],"corresponding_institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.05134957,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"74","last_page":"84"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.9485912322998047},{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.8442441821098328},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7867007255554199},{"id":"https://openalex.org/keywords/3d-printer","display_name":"3d printer","score":0.6840088963508606},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.6192556619644165},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.6159669160842896},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5442039370536804},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5109742879867554},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.4425605237483978},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.422878623008728},{"id":"https://openalex.org/keywords/code-coverage","display_name":"Code coverage","score":0.41987094283103943},{"id":"https://openalex.org/keywords/computer-hardware","display_name":"Computer hardware","score":0.34749215841293335},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2911989092826843},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.25714483857154846},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.2548081874847412},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.10671940445899963}],"concepts":[{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.9485912322998047},{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.8442441821098328},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7867007255554199},{"id":"https://openalex.org/C2984377249","wikidata":"https://www.wikidata.org/wiki/Q229367","display_name":"3d printer","level":2,"score":0.6840088963508606},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.6192556619644165},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.6159669160842896},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5442039370536804},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5109742879867554},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.4425605237483978},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.422878623008728},{"id":"https://openalex.org/C53942775","wikidata":"https://www.wikidata.org/wiki/Q1211721","display_name":"Code coverage","level":3,"score":0.41987094283103943},{"id":"https://openalex.org/C9390403","wikidata":"https://www.wikidata.org/wiki/Q3966","display_name":"Computer hardware","level":1,"score":0.34749215841293335},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2911989092826843},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.25714483857154846},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.2548081874847412},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.10671940445899963},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3372799.3394363","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3372799.3394363","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The 21st ACM SIGPLAN/SIGBED Conference on Languages, Compilers, and Tools for Embedded Systems","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7599999904632568}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W363773691","https://openalex.org/W1694077306","https://openalex.org/W1976878954","https://openalex.org/W2043118292","https://openalex.org/W2065948900","https://openalex.org/W2091939272","https://openalex.org/W2514974017","https://openalex.org/W2576376563","https://openalex.org/W2791018263","https://openalex.org/W2795192879","https://openalex.org/W2928702109","https://openalex.org/W2979357014","https://openalex.org/W6749877055"],"related_works":["https://openalex.org/W4378373752","https://openalex.org/W3084814329","https://openalex.org/W4313066017","https://openalex.org/W3131568201","https://openalex.org/W1964740600","https://openalex.org/W2297949281","https://openalex.org/W4381785649","https://openalex.org/W2884946294","https://openalex.org/W4226494072","https://openalex.org/W3133364053"],"abstract_inverted_index":{"TrustScope":[0,29,103,142],"is":[1,98],"a":[2,4],"new,":[3],"practical":[5],"approach":[6],"to":[7,33,46,49,79,104],"identifying":[8],"vulnerabilities":[9,107],"in":[10,157],"printer":[11,67,96,133,159],"firmware":[12,24,68],"without":[13,122],"actually":[14],"touching":[15],"the":[16,20,23,26,35,40,50,66,80,83,87,91],"firmware.":[17],"By":[18],"exploiting":[19],"trust":[21],"between":[22],"and":[25,64,125,127,137,179],"device":[27],"drivers,":[28],"analyzes":[30],"driver":[31,36],"software":[32],"identify":[34],"endpoints":[37],"that":[38,111],"output":[39],"page":[41],"description":[42],"language":[43],"(PDL)":[44],"code":[45,72],"be":[47],"sent":[48],"printer,":[51],"extracts":[52],"key":[53,117],"constraints":[54],"for":[55],"this":[56],"output,":[57],"generates":[58],"new":[59],"inputs":[60,76],"violating":[61],"these":[62,75],"constraints,":[63],"fuzzes":[65],"with":[69,74,144],"malicious":[70],"PDL":[71,84],"composed":[73],"yet":[77],"conforming":[78],"grammar":[81],"of":[82,94,116,141,169],"accepted":[85],"by":[86],"printer.":[88],"To":[89],"accommodate":[90],"black-box":[92],"nature":[93],"printers,":[95],"behavior":[97,156],"observed":[99],"strictly":[100],"externally,":[101],"allowing":[102],"detect":[105],"more":[106],"than":[108],"only":[109],"those":[110],"produce":[112],"crashes.":[113],"A":[114],"variety":[115],"optimizations,":[118],"such":[119],"as":[120],"fuzzing":[121],"consuming":[123],"paper":[124],"ink,":[126],"offline":[128],"test":[129,152],"case":[130,153],"generation,":[131],"make":[132],"vulnerability":[134],"detection":[135],"feasible":[136],"practical.":[138],"An":[139],"implementation":[140],"tested":[143],"8":[145],"different":[146],"printers":[147,163],"reveals":[148],"at":[149],"least":[150],"one":[151],"causing":[154],"anomalous":[155],"every":[158],"tested.":[160],"For":[161],"most":[162],"it":[164],"finds":[165],"multiple":[166],"vulnerabilities,":[167],"6":[168],"which":[170],"have":[171],"been":[172],"assigned":[173],"CVE":[174],"numbers,":[175],"including":[176],"buffer":[177],"overflow":[178],"information":[180],"disclosure.":[181]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}