Automated Identification and Emulation of Web Service Binaries Extracted from IoT Linux Firmware Samples (several BAs/MAs are possible)
The IoT is exposed to ongoing malicious attacks. The large set of diverse hardware and software combined with the neglection of security best practices, such as the use of the same default credentials on all devices, the often non-existent update policies, and the lack of software hardening techniques render IoT and IIoT devices an ideal target for attackers.
AppSec Team
Check if source code/binary is prone to fault injection and patch source code/binary with countermeasures
Idea Can we check with a static analyzer if a source code or a binary is prone to fault injection (e.g. voltage FI)? Can we patch the source code / binary (https://research.
AppSec Team
Nyx-Net on Embedded Systems
The Nyx fuzzer is a fuzzing project built around current top-research the field of fuzzing. A sub-project, Nyx-Net, provides a full-VM snapshot fuzzer for complex network-based targets. An interesting direction of research is how one could take Nyx-Net and extend it to work with embedded systems protocols, e.