{"id":"https://openalex.org/W4412513106","doi":"https://doi.org/10.32604/cmc.2025.065672","title":"ADFEmu: Enhancing Firmware Fuzzing with Direct Memory Access (DMA) Input Emulation Using Concolic Execution and Large Language Models (LLMs)","display_name":"ADFEmu: Enhancing Firmware Fuzzing with Direct Memory Access (DMA) Input Emulation Using Concolic Execution and Large Language Models (LLMs)","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4412513106","doi":"https://doi.org/10.32604/cmc.2025.065672"},"language":"en","primary_location":{"id":"doi:10.32604/cmc.2025.065672","is_oa":true,"landing_page_url":"https://doi.org/10.32604/cmc.2025.065672","pdf_url":null,"source":{"id":"https://openalex.org/S4210191605","display_name":"Computers, materials & continua/Computers, materials & continua (Print)","issn_l":"1546-2218","issn":["1546-2218","1546-2226"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers, Materials &amp; Continua","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://doi.org/10.32604/cmc.2025.065672","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5045874836","display_name":"Ding Yixin","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Yixin Ding","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048669237","display_name":"Xinjian Zhao","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xinjian Zhao","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014141188","display_name":"Zicheng Wu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zicheng Wu","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054623682","display_name":"Yichen Zhu","orcid":"https://orcid.org/0000-0001-5126-838X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yichen Zhu","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":null,"display_name":"Longkun Bai","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Longkun Bai","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5102133792","display_name":"Hao Han","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hao Han","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5045874836"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.18656146,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"84","issue":"3","first_page":"5977","last_page":"5993"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9908000230789185,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9908000230789185,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.9710999727249146,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10101","display_name":"Cloud Computing and Resource Management","score":0.968500018119812,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.8971469402313232},{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.8350986242294312},{"id":"https://openalex.org/keywords/emulation","display_name":"Emulation","score":0.8072822093963623},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6312762498855591},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.47897863388061523},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.38933202624320984},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3685399889945984},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.15235057473182678},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.15082639455795288}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.8971469402313232},{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.8350986242294312},{"id":"https://openalex.org/C149810388","wikidata":"https://www.wikidata.org/wiki/Q5374873","display_name":"Emulation","level":2,"score":0.8072822093963623},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6312762498855591},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.47897863388061523},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.38933202624320984},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3685399889945984},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.15235057473182678},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.15082639455795288},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.32604/cmc.2025.065672","is_oa":true,"landing_page_url":"https://doi.org/10.32604/cmc.2025.065672","pdf_url":null,"source":{"id":"https://openalex.org/S4210191605","display_name":"Computers, materials & continua/Computers, materials & continua (Print)","issn_l":"1546-2218","issn":["1546-2218","1546-2226"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers, Materials &amp; Continua","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.32604/cmc.2025.065672","is_oa":true,"landing_page_url":"https://doi.org/10.32604/cmc.2025.065672","pdf_url":null,"source":{"id":"https://openalex.org/S4210191605","display_name":"Computers, materials & continua/Computers, materials & continua (Print)","issn_l":"1546-2218","issn":["1546-2218","1546-2226"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers, Materials &amp; Continua","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":6,"referenced_works":["https://openalex.org/W3020243509","https://openalex.org/W3190470290","https://openalex.org/W3200312173","https://openalex.org/W4220914871","https://openalex.org/W4400673220","https://openalex.org/W4402254369"],"related_works":["https://openalex.org/W2511770387","https://openalex.org/W3111743984","https://openalex.org/W4391761545","https://openalex.org/W4312439535","https://openalex.org/W4378976979","https://openalex.org/W3118666763","https://openalex.org/W3037057426","https://openalex.org/W4362015489","https://openalex.org/W4378373752","https://openalex.org/W2354251310"],"abstract_inverted_index":{"Fuzz":[0],"testing":[1],"is":[2],"a":[3,37,80,160],"widely":[4],"adopted":[5],"technique":[6],"for":[7],"uncovering":[8],"bugs":[9],"and":[10,60,107,123,131,172,192],"security":[11],"vulnerabilities":[12],"in":[13,55,150,185,200],"embedded":[14,18,155,202],"firmware.":[15,92],"However,":[16],"many":[17],"systems":[19],"heavily":[20],"rely":[21],"on":[22,153],"peripherals,":[23,62],"rendering":[24],"conventional":[25],"fuzzing":[26,36,89],"techniques":[27],"ineffective.":[28],"When":[29],"peripheral":[30,109],"responses":[31],"are":[32],"missing":[33],"or":[34,41,70],"incorrect,":[35],"firmware":[38,83,139,156],"may":[39],"crash":[40],"exit":[42],"prematurely,":[43],"significantly":[44],"limiting":[45],"code":[46],"coverage.":[47],"While":[48],"prior":[49],"re-hosting":[50,84,162],"approaches":[51],"have":[52],"made":[53],"progress":[54],"simulating":[56],"Memory-Mapped":[57],"Input/Output":[58],"(MMIO)":[59],"interrupt-based":[61],"they":[63],"either":[64],"ignore":[65],"Direct":[66],"Memory":[67],"Access":[68],"(DMA)":[69],"handle":[71],"it":[72,114],"oversimplified.":[73],"In":[74],"this":[75],"work,":[76],"we":[77],"present":[78],"ADFEmu,":[79],"novel":[81],"automated":[82,197],"framework":[85],"that":[86],"enables":[87],"effective":[88],"of":[90,189],"DMA-enabled":[91],"ADFEmu":[93,158],"integrates":[94],"concolic":[95],"execution":[96,127,134,167],"with":[97],"large":[98],"language":[99],"models":[100],"(LLMs)":[101],"to":[102,128,140,177,195],"semantically":[103],"emulate":[104],"DMA":[105,116,190],"operations":[106],"synthesize":[108],"input":[110],"sequences":[111],"intelligently.":[112],"Specifically,":[113],"learns":[115],"transfer":[117],"patterns":[118],"from":[119],"the":[120,178],"firmware\u2019s":[121],"context":[122],"employs":[124],"guided":[125],"symbolic":[126],"explore":[129],"deeper":[130],"more":[132,174],"diverse":[133],"paths.":[135],"This":[136],"approach":[137],"allows":[138],"operate":[141],"stably":[142],"without":[143],"hardware":[144],"dependencies":[145],"while":[146],"achieving":[147],"higher":[148],"fidelity":[149],"emulation.":[151],"Evaluated":[152],"real-world":[154],"samples,":[157],"achieves":[159],"100%":[161],"success":[163],"rate,":[164],"improves":[165],"total":[166],"path":[168],"exploration":[169],"by":[170],"5.31%,":[171],"triggers":[173],"crashes":[175],"compared":[176],"state-of-the-art.":[179],"These":[180],"results":[181],"highlight":[182],"ADFEmu\u2019s":[183],"effectiveness":[184],"overcoming":[186],"long-standing":[187],"limitations":[188],"emulation":[191],"its":[193],"potential":[194],"advance":[196],"vulnerability":[198],"discovery":[199],"peripheral-rich":[201],"environments.":[203]},"counts_by_year":[],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}