Analysis of Embedded Applications By Evolutionary Fuzzing
Résumé
In this paper, we propose to use fuzzing techniques to discover vulnerabilities in programs hosted into smart cards used for telecommunications or banking purposes (SIM cards, credit cards, secure element into NFC mobile devices. . . ). Those programs - called applets - usually host sensitive applications and manipulate sensitive data. A flaw by design or by implementation in one of those applet could have disastrous consequences. The proposed approach uses a genetic algorithm to optimize the vulnerabilities search. We illustrate the benefit of the proposed method on a MasterCard M/Chip applet through experimental
Domaines
Cryptographie et sécurité [cs.CR]
Origine : Fichiers produits par l'(les) auteur(s)
Loading...