PBearson | Bryan Pearson
Welcome to my webpage! I am a cybersecurity researcher at Sandia National Laboratories. I received my Ph.D in Computer Science from the University of Central Florida in Spring 2023. My dissertation is posted here.
Prior to UCF, I received my Bachelor of Science from Stetson University in May 2018.
You can check out some of my former research projects, my CV, and contact information through this webpage.
MQTT is a popular communication protocol used to interconnect devices with considerable network restraints, such as those found in Internet of Things (IoT). MQTT directly impacts thousands of devices, but the software security of its server implementations is not well studied. This project designs, implements, and evaluates a novel fuzz testing model for MQTT. The fuzzer combines aspects of mutation guided fuzzing and generation guided fuzzing to rigorously exhaust the MQTT protocol and identify vulnerabilities in servers. We introduce Markov chains for mutation guided fuzzing and generation guided fuzzing that model the fuzzing engine according to a finite Bernoulli process. We implement "response feedback", a novel technique which monitors network and console activity to learn which inputs trigger new responses from the broker.
In total, we found 7 major vulnerabilities across 9 different MQTT implementations, including 6 zero-day vulnerabilities and 2 CVEs. Our experiments demonstrate that when fuzzing these popular MQTT targets, our fuzzer compares favorably with other state-of-the-art fuzzing frameworks, such as BooFuzz and AFLNet.
This work was accepted to INFOCOM 2022. The source code will be posted soon.
This is just a collection of the top fuzzing papers in the literature. Currently, it only documents papers from the following conferences: IEEE S&P, ACM CCS, USENIX, and ISOC NDSS. Papers from 2015 and earlier are not included. I have done my best to provide an accurate summary for each paper, which you can think of as an alternative to the paper's abstract. This is still a work-in-progress, and contributions are welcome.
The repository can be found here.
In this paper, we explore the use of microcontrollers (MCUs) and crypto coprocessors to secure IoT applications, and show how developers may implement a low-cost platform that provides protects private keys against software attacks. We first demonstrate the plausibility of format string attacks on the ESP32, a popular MCU from Espressif that uses the Harvard architecture. The format string attacks can be used to remotely steal private keys hard-coded in the firmware. We then present a framework termed SIC 2 (Securing IoT with Crypto Coprocessors), for secure key provisioning that protects end users' private keys from both software attacks and untrustworthy manufacturers. As a proof of concept, we pair the ESP32 with the low-cost ATECC608A cryptographic coprocessor by Microchip and connect to Amazon Web Services (AWS) and Amazon Elastic Container Service (EC2) using a hardware-protected private key, which provides the security features of TLS communication including authentication, encryption and integrity.
We have developed a prototype and performed extensive experiments that show that the ATECC608A crypto chip may significantly reduce the TLS handshake time by as much as 82% with the remote server, and it may lower the total energy consumption of the system by up to 70%.
More project updates coming soon...