Fuzzing Matter(s): A White Paper for Fuzzing the Matter Protocol

Marcello Maugeri

doi:10.5220/0012469200003648

Fuzzing Matter(s): A White Paper for Fuzzing the Matter Protocol

Marcello Maugeri

2024

Abstract

IoT and smart home devices have transformed daily life, consequently raising more and more concerns about security vulnerabilities. Robust security testing methods are essential to fortify devices against potential threats. While dynamic analysis techniques, such as fuzzing, help identify vulnerabilities, some challenges arise due to diverse architectures, communication channels and protocols. Testing directly on devices overcomes difficulties in firmware emulation, but lack of protocol standardisation still poses hurdles. The recently released Matter protocol aims to unify smart home ecosystems, thus also simplifying security testing. In particular, Matter inherits the concept of Cluster from Zigbee in its Data Model. The Data Model clearly defines attributes, commands, status codes and events that could be leveraged to design automated security testing techniques such as fuzzing. This paper proposes the design of a fuzzing framework for Matter-enabled smart home devices. The framework employs stateful fuzzing to cover the inherent state-fullness of IoT devices. Such a framework would bestow benefits upon manufacturers, researchers, and end-users.

Download

Paper Citation

in Harvard Style

Maugeri M. (2024). Fuzzing Matter(s): A White Paper for Fuzzing the Matter Protocol. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP; ISBN 978-989-758-683-5, SciTePress, pages 446-451. DOI: 10.5220/0012469200003648

in Bibtex Style

@conference{icissp24,
author={Marcello Maugeri},
title={Fuzzing Matter(s): A White Paper for Fuzzing the Matter Protocol},
booktitle={Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2024},
pages={446-451},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012469200003648},
isbn={978-989-758-683-5},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Fuzzing Matter(s): A White Paper for Fuzzing the Matter Protocol
SN - 978-989-758-683-5
AU - Maugeri M.
PY - 2024
SP - 446
EP - 451
DO - 10.5220/0012469200003648
PB - SciTePress