PAVFuzz: State-Sensitive Fuzz Testing of Protocols in Autonomous Vehicles
Hosted in Virtual Platform
DescriptionThe rapid development of in-vehicle networks and protocols brings efficient communication service but also increases the risk of attack. In this paper, we propose PAVFuzz, a state-sensitive fuzzing framework to secure those protocols used in autonomous vehicles. It can automatically learn relations between cross-state data elements and use the learned relations to conduct state-sensitive packet mutation. Experiments show that, compared with state-of-the-art fuzzers Peach and AFL, PAVFuzz increases branch coverage by averagely 22.50% and 435.86% within 24 hours. It has also exposed 12 serious previously unknown vulnerabilities in widely used protocols, such as RTPS and SOME/IP.