Vulcan:通过状态感知模糊测试了解可穿戴设备的可靠性

Proceedings of the 18th International Conference on Mobile Systems, Applications, and Services Pub Date : 2020-06-15 DOI:10.1145/3386901.3388916

E. Yi, Heng Zhang, A. Maji, Kefan Xu, S. Bagchi

{"title":"Vulcan:通过状态感知模糊测试了解可穿戴设备的可靠性","authors":"E. Yi, Heng Zhang, A. Maji, Kefan Xu, S. Bagchi","doi":"10.1145/3386901.3388916","DOIUrl":null,"url":null,"abstract":"As we look to use Wear OS (formerly known as Android Wear) devices for fitness and health monitoring, it is important to evaluate the reliability of its ecosystem. The goal of this paper is to understand the reliability weak spots in Wear OS ecosystem. We develop a state-aware fuzzing tool, Vulcan, without any elevated privileges, to uncover these weak spots by fuzzing Wear OS apps. We evaluate the outcomes due to these weak spots by fuzzing 100 popular apps downloaded from Google Play Store. The outcomes include causing specific apps to crash, causing the running app to become unresponsive, and causing the device to reboot. We finally propose a proof-of-concept mitigation solution to address the system reboot issue.","PeriodicalId":345029,"journal":{"name":"Proceedings of the 18th International Conference on Mobile Systems, Applications, and Services","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Vulcan: lessons on reliability of wearables through state-aware fuzzing\",\"authors\":\"E. Yi, Heng Zhang, A. Maji, Kefan Xu, S. Bagchi\",\"doi\":\"10.1145/3386901.3388916\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As we look to use Wear OS (formerly known as Android Wear) devices for fitness and health monitoring, it is important to evaluate the reliability of its ecosystem. The goal of this paper is to understand the reliability weak spots in Wear OS ecosystem. We develop a state-aware fuzzing tool, Vulcan, without any elevated privileges, to uncover these weak spots by fuzzing Wear OS apps. We evaluate the outcomes due to these weak spots by fuzzing 100 popular apps downloaded from Google Play Store. The outcomes include causing specific apps to crash, causing the running app to become unresponsive, and causing the device to reboot. We finally propose a proof-of-concept mitigation solution to address the system reboot issue.\",\"PeriodicalId\":345029,\"journal\":{\"name\":\"Proceedings of the 18th International Conference on Mobile Systems, Applications, and Services\",\"volume\":\"2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-06-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 18th International Conference on Mobile Systems, Applications, and Services\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3386901.3388916\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 18th International Conference on Mobile Systems, Applications, and Services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3386901.3388916","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

当我们希望使用Wear OS(以前称为Android Wear)设备进行健身和健康监测时，评估其生态系统的可靠性非常重要。本文的目的是了解Wear OS生态系统的可靠性弱点。我们开发了一个状态感知模糊测试工具Vulcan，它没有任何特权，可以通过模糊测试Wear OS应用程序来发现这些弱点。我们通过对Google Play Store下载的100款热门应用进行模糊分析，来评估这些薄弱环节带来的结果。结果包括导致特定应用程序崩溃，导致正在运行的应用程序无响应，以及导致设备重新启动。我们最后提出了一个概念验证缓解解决方案来解决系统重启问题。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Vulcan: lessons on reliability of wearables through state-aware fuzzing

As we look to use Wear OS (formerly known as Android Wear) devices for fitness and health monitoring, it is important to evaluate the reliability of its ecosystem. The goal of this paper is to understand the reliability weak spots in Wear OS ecosystem. We develop a state-aware fuzzing tool, Vulcan, without any elevated privileges, to uncover these weak spots by fuzzing Wear OS apps. We evaluate the outcomes due to these weak spots by fuzzing 100 popular apps downloaded from Google Play Store. The outcomes include causing specific apps to crash, causing the running app to become unresponsive, and causing the device to reboot. We finally propose a proof-of-concept mitigation solution to address the system reboot issue.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 18th International Conference on Mobile Systems, Applications, and Services

自引率

0.00%

发文量