# Source Extract: Patents (IoTFirmFuzz, IoTHybridFuzzer), UART Paper, BugMiner
AI Summary
Purpose:
- Structured, verbatim extraction notes from the primary PDFs for the two patents, the UART conference paper, and the BugMiner reference paper.
Key points:
- Patent 1 (IoTFirmFuzz): application 10-2020-0089416, filed 2020.07.20, GRANTED (특허결정서 2021.01.25).
- Patent 2 (IoTHybridFuzzer): application 10-2021-0040963, filed 2021.03.30, status = filed (no grant decision among sources).
- UART paper: 2019 정보보호 하계학술대회 (KIISC summer conference), authors Hyunwook Kim, Joobeom Yun.
- BugMiner: Electronics 2021, 10, 62 — Hyunwook Kim IS a co-author (4th of 5).
- The terms "Backward Climbing" and "FIRM-COV" do NOT appear in any of the supplied patent PDFs (Needs confirmation; see Open Questions).
Relevant when:
- Writing or verifying any academic/patent wiki page; need exact numbers, dates, inventor lists.
Do not read full document unless:
- The derived wiki pages (patents.md, iotfirmfuzz.md, etc.) already answer the question.
Linked documents:
- [[../../wiki/academic/patents]]
- [[../../wiki/academic/iotfirmfuzz]]
- [[../../wiki/academic/iothybridfuzzer]]
- [[../../wiki/academic/uart-firmware-acquisition]]
Open Questions
- "Backward Climbing": the task brief names IoTFirmFuzz's method "Backward Climbing", but this string is absent from the 출원서, 최종명세서, 특허결정서, and 발명의내용설명서. The documented core methods are (a) Combined Emulation (system-mode + user-mode emulation) and (b) PSO (Particle Swarm Optimization) based mutation-operator optimization. "Backward Climbing" — Needs confirmation (may be an external name or a later thesis term).
- "FIRM-COV": not present in any supplied PDF. Relationship of IoTFirmFuzz to FIRM-COV — Needs confirmation.
- Patent 2 grant status: only the 출원번호통지서/출원서 PDF was supplied; no 특허결정서. Treated as "filed / under examination" — Needs confirmation of final status.
- IoTHybridFuzzer detailed claims: drafts are .hwp (unreadable). Summary below is from the readable 출원서 PDF body only.
Details
Patent 1 — IoTFirmFuzz (internal id IP-2020-141-KR)
From 출원번호통지서 / 출원서 (IP-2020-141-KR_출원번호통지서 및 출원서.pdf):
- 출원일자 (filing date): 2020.07.20
- 출원번호 (application number): 10-2020-0089416 (접수번호 1-1-2020-0751331-95)
- 특기사항: 심사청구(유) 공개신청(무) 참조번호(06033)
- 출원인 (applicant): 세종대학교산학협력단 (Sejong University Industry-Academy Cooperation Foundation), 특허고객번호 2-2005-011470-2
- 대리인 (agent): 두호특허법인 (지정된변리사: 박국진, 노준태, 장영태)
- 발명자 (inventors, as printed order): 윤주범 (YUN, Joo Beom) / 김현욱 (KIM, Hyun Wook) / 김주환 (KIM, Ju Hwan)
- 발명의 국문명칭 (printed Korean title on 출원서): 펌웨어 퍼징 장치 및 방법
- 발명의 영문명칭: APPARATUS AND METHOD FOR FUZZING FIRMWARE
From 발명의내용설명서 (01 IoTFirmFuzz_발명의내용_설명서_최종.pdf) — descriptive (non-official) title:
- 복합 에뮬레이션 기법을 활용한 효율적인 커버리지 가이드 IoT 펌웨어 퍼징 시스템 및 방법
- (Efficient coverage-guided IoT firmware fuzzing system and method therefor using combined emulation)
- System name used internally: IoTFirmFuzz
- Drawings: 도1 overall system architecture; 도2 seed generation; 도3 operation flowchart.
From 특허결정서 (10-2020-0089416-특허결정서.pdf) — GRANT DECISION:
- "이 출원에 대하여 특허법 제66조에 따라 특허결정합니다." (patent decision granted)
- 출원번호: 10-2020-0089416
- 발명의 명칭: 펌웨어 퍼징 장치 및 방법
- 청구항 수 (number of claims): 10
- 발송일자 (dispatch date): 2021.01.25 (발송번호 9-5-2021-006645213)
- 선출원 검색 기준일: 2021.01.22
- 심사기관: 특허청 융복합기술심사국 인공지능빅데이터심사과, 심사관 홍경아
- 발명자 (confirmed on grant): 윤주범, 김현욱, 김주환
- 참고문헌 cited: 1. KR1020200080541 A; 2. 오성권 외, '입자 군집 최적화를 이용한 FCM 기반 퍼지 모델의 동정 방법론', 전기학회논문지 60권 1호, 2011.01; 3. KR1020090044656 A; 4. KR1020190041912 A
- 특허료 납부예정(1~3년차): 435,000원 (감면 전)
- NOTE: registration number (등록번호) not present in supplied sources — Needs confirmation.
Technical content (from 발명의내용설명서 + 최종명세서):
- Problem: existing firmware emulation fuzzing has poor speed/compatibility vs. general software fuzzing; mutation-based fuzzers waste time in mutation stage 1 and pick inefficient mutation operators in stage 2 (random selection among 8 operators).
- Method: Combined Emulation — target firmware run under Full System Mode Emulation; the network program's process memory is saved to a RAM File; the fuzzer then runs that process under User Mode Emulation; a mutation-based fuzzer fuzzes it. Unhandleable syscalls in user mode are detected, state is saved, handed back to system mode emulation to process the syscall, then migrated back to user mode.
- Optimization: reduces mutation count in stage 1; applies PSO (Particle Swarm Optimization) in mutation stage 2 to select efficient mutation operators, widening code coverage.
Patent 2 — IoTHybridFuzzer (internal id IP-2021-001-KR)
From 출원번호통지서 / 출원서 (IP-2021-001-KR-출원번호통지서 및 출원서.pdf):
- 출원일자 (filing date): 2021.03.30
- 출원번호 (application number): 10-2021-0040963 (접수번호 1-1-2021-0371849-54)
- 특기사항: 심사청구(유) 공개신청(무) 참조번호(01001)
- 출원인: 세종대학교산학협력단 (2-2005-011470-2)
- 대리인: 두호특허법인 (지정된변리사: 박국진, 노준태, 장영태)
- 발명자 (inventors, printed order): 윤주범 (YUN, Joo Beom) / 김현욱 (KIM, Hyun Wook) / 김주환 (KIM, Ju Hwan)
- 발명의 국문명칭: 하이브리드 퍼징 기반의 펌웨어 취약점 검출 장치 및 방법
- 발명의 영문명칭: APPARATUS AND METHOD FOR DETECTING FIRMWARE VULNERABILIRY [sic] BASED ON HYBRID FUZZING
- 청구항: 18항 (심사청구료 18항 기준), 합계 수수료 981,000원 (감면후 490,500원)
- National R&D funding declared:
- 과제고유번호 1711075702 / 과제번호 2018-0-01423-004 / 과학기술정보통신부 / 정보통신기술진흥센터 / 연구사업명 정보통신기술인력양성 / 연구과제명 지능형 비행로봇 융합기술 연구 / 기여율 1/2 / 수행기관 세종대학교 산학협력단 / 기간 2021.01.01~2021.12.31 - 과제고유번호 1711120086 / 과제번호 2020-0-01602 / 과학기술정보통신부 / 정보통신기획평가원 / 연구사업명 대학ICT연구센터지원사업 / 연구과제명 지능형 사이버 위협 대응 기술 개발 및 인력양성 / 기여율 1/2 / 수행기관 숭실대학교 산학협력단 / 기간 2021.01.01~2021.12.31
- Status: filed / under examination (no 특허결정서 supplied). Needs confirmation of final status.
Technical content (from 출원서 발명의 설명 body):
- Background: manually analyzing per-vendor IoT firmware is near-impossible; existing fuzzing research focuses on emulation; IoT firmware fuzzing underperforms general software fuzzing; when constraint values are long/hard, mutation fuzzing wastes time repeating test-case generation at the same location.
- Insight: symbolic execution solves hard constraints quickly via a Constraint Solver, widening coverage, but consumes heavy PC resources and pure symbolic execution exhausts resources.
- Method: hybrid fuzzing combining a (mutation-based) fuzzer with symbolic/concolic execution to detect firmware vulnerabilities — balancing fuzzer throughput with the constraint-solving power of symbolic execution.
UART paper — 2019 정보보호 하계학술대회
From "임베디드 장비 펌웨어 획득을 위한 UART 연결 방법 연구.pdf":
- Title (KR): 임베디드 장비 펌웨어 획득을 위한 UART 연결 방법 연구
- Title (EN): A Study on the UART Connection Method for Acquiring Embedded Equipment Firmware
- Authors: 김현욱 (Hyunwook Kim), 윤주범 (Joobeom Yun) — 세종대학교 정보보호학과
- Venue: 2019년 정보보호 하계학술대회 (KIISC Summer Conference 2019)
- Email shown: [email protected], [email protected]
- Section structure: II related work (firmware, UART), III embedded-device connection defenses, IV 7 UART connection methods, V experiment, VI conclusion.
- Defenses against UART (Sec. III): (1) build PCB without UART port or Disable it in admin settings; (2) block the RX pin / hide RX or require bridging two pins; (3) non-standard Baud rate; (4) secret-key prompt after connect (noted common on ipTime routers); (5) device-license matching (used by large vendors).
- 7 connection methods (Sec. IV): (1) direct UART port + USB-to-TTL; (2) identify unlabeled RX/TX/GND via multimeter, VCC = square solder pad; (3) use Audio port (carries RX/TX/GND); (4) micro-USB port via USB connector; (5) solder to CPU RX/TX pins found from datasheet; (6) re-activate a blocked RX pin by bridging specific pads / find a separate RX pin; (7) use a Level Converter to match voltage.
- Experiment (Sec. V): target = D-Link router DIR-842; USB-to-TTL module = SZH-CVBE-004; terminal software = XShell 6.0.0024; identified RX/TX/VCC/GND, set Serial protocol + matched Baud Rate, established connection.
- References: [1] 임을규, "임베디드 장비 펌웨어 분석 방법", 정보과학회지 34(1), 16-21, Jan 2016; [2] Mongii/Grayhash, "임베디드 디바이스 Serial Port Hacking의 모든 것!", Feb 2016; [3] 이원준, 정보과학회지 20(7), 4-4, Jul 2002; [4] Young-ho Seo, Dong-wook Kim, "UART-to-APB Interface Circuit Design for Testing a Chip", 한국항행학회논문지 21(4), 386-393, Aug 2017.
BugMiner — reference paper (authorship VERIFIED)
From "BugMiner.pdf":
- Title: BugMiner: Mining the Hard-to-Reach Software Vulnerabilities through the Target-Oriented Hybrid Fuzzer
- Authors: Fayozbek Rustamov (1,2), Juhwan Kim (1,2), Jihyeon Yu (1), Hyunwook Kim (1), Joobeom Yun (1,* corresponding)
- VERIFIED: Hyunwook Kim (the owner) IS a co-author (4th of 5). [email protected] listed.
- Affiliations: (1) Dept. of Computer and Information Security, Sejong University; (2) Dept. of Convergence Engineering for Intelligent Drone, Sejong University.
- Venue: Electronics 2021, 10, 62. https://doi.org/10.3390/electronics10010062 (MDPI, open access, CC BY).
- Dates: Received 1 Dec 2020; Accepted 25 Dec 2020; Published 31 Dec 2020.
- Abstract gist: target-oriented hybrid fuzzer combining a fuzzer with dynamic symbolic (concolic) execution to reach target sites and trigger hard-to-reach vulnerabilities; reports triggering bugs 3.1/4.3/2.9/2.0/1.8/1.9x faster than Hawkeye, AFLGo, AFL, AFLFast, QSYM, ParmeSan respectively.
- Relation: thematically the journal counterpart to the IoTHybridFuzzer hybrid-fuzzing direction (Conflict/overlap not asserted — Needs confirmation whether BugMiner is the publication of Patent 2).