Explore a groundbreaking conference presentation introducing LLFuzz, a novel over-the-air dynamic testing framework designed to discover memory corruptions in cellular baseband lower layers. Learn how this innovative approach systematically targets the PDCP, RLC, MAC, and PHY layers of cellular stacks, addressing the critical security gap in baseband testing where memory corruptions can be remotely exploited over-the-air with severe consequences including remote code execution, denial of service, and information leakage. Discover the unique challenges of testing lower layers due to their multiple channels and dynamically configurable packet structures, and understand how LLFuzz implements a channel-driven, configuration-aware fuzzing approach to systematically explore these complexities. Examine how the framework actively modifies layer-specific configurations through signaling messages to trigger diverse packet structures, particularly those rarely used in commercial networks, while leveraging 3GPP specifications to generate syntactically valid test cases capable of reaching target layers. Review the impressive evaluation results from testing 15 commercial basebands across five major vendors, which uncovered nine previously unknown memory corruptions distributed across PDCP, RLC, and MAC layers, demonstrating the framework's effectiveness in identifying critical security vulnerabilities in baseband lower layers that have received comparatively less research attention than layer 3 protocols.