
GAFLERNA Ahoy! Integrating EM Side-Channel Analysis into Traditional Fuzzing Workflows

Barredo, Jorge; Petke, Justyna; Clark, David; Blackwell, Dan; Eceiza, Maialen; Iturbe, Mikel; Flores, Jose Luis; (2025) GAFLERNA Ahoy! Integrating EM Side-Channel Analysis into Traditional Fuzzing Workflows. In: Proceedings of the 33rd ACM International Conference on the Foundations of Software Engineering (FSE Companion '25). (pp. 550-554). ACM. Green open access.


Abstract

Fuzzing, a powerful tool for vulnerability discovery, is limited by the coarse-grained, binary nature of its crash-detection oracle. Sanitizers strengthen this oracle but require recompilation or binary rewriting, and are limited to known patterns of vulnerabilities. We investigate an alternative way to strengthen the implicit oracle that is suitable for small (IoT-sized) devices: electromagnetic (EM) side-channel analysis. By integrating this into a fuzzing campaign we are able to detect anomalous program states through physical execution patterns. GAFLERNA, our EM-enhanced AFL++ framework, achieves an 87% correlation with sanitizer findings in the best case, without modifying the executable, while discovering 104 new paths to known crashes across four real-world programs. This reveals the potential for hardware-level feedback to extend fuzzing and to analyse IoT programs where only the binary code is available.

Type: Proceedings paper
Title: GAFLERNA Ahoy! Integrating EM Side-Channel Analysis into Traditional Fuzzing Workflows
Event: FSE Companion '25: The ACM International Conference on the Foundations of Software Engineering - Ideas, Visions and Reflections track
ISBN-13: 979-8-4007-1276-0
Open access status: An open access version is available from UCL Discovery
DOI: 10.1145/3696630.3728497
Publisher version: https://doi.org/10.1145/3696630.3728497
Language: English
Additional information: This work is licensed under a Creative Commons Attribution 4.0 International License.
Keywords: Fuzzing, Side-channel Analysis
UCL classification: UCL
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/10207729