Citation: LAI Guoqing, ZHU Yuefei, CHEN Di, LU Bin, LIU Long, ZHANG Zihao. Network Protocol Fuzzing: Method Classification and Research Progress[J]. Journal of Electronics & Information Technology. doi: 10.11999/JEIT250188
[1] ZHANG Xieli, ZHU Yuefei, GU Chunxiang, et al. C2P: Formal abstraction method and tool for C protocol code based on Pi calculus[J]. Journal of Software, 2021, 32(6): 1581–1596. doi: 10.13328/j.cnki.jos.006238.

[2] ARCILE J and ANDRÉ É. Timed automata as a formalism for expressing security: A survey on theory and practice[J]. ACM Computing Surveys, 2023, 55(6): 127. doi: 10.1145/3534967.

[3] FITERĂU-BROŞTEAN P, JONSSON B, SAGONAS K, et al. Automata-based automated detection of state machine bugs in protocol implementations[C]. Proceedings of the 30th Annual Network and Distributed System Security Symposium (NDSS), San Diego, USA, 2023. doi: 10.14722/ndss.2023.23068.

[4] PAN Fan, WU Lifa, DU Youxiang, et al. Overviews on protocol reverse engineering[J]. Application Research of Computers, 2011, 28(8): 2801–2806. doi: 10.3969/j.issn.1001-3695.2011.08.001.

[5] SIJA B D, GOO Y H, SHIM K S, et al. A survey of automatic protocol reverse engineering approaches, methods, and tools on the inputs and outputs view[J]. Security and Communication Networks, 2018, 2018(1): 8370341. doi: 10.1155/2018/8370341.

[6] MILLER B P, FREDRIKSEN L, and SO B. An empirical study of the reliability of UNIX utilities[J]. Communications of the ACM, 1990, 33(12): 32–44. doi: 10.1145/96267.96279.

[7] PHAM V T, BÖHME M, and ROYCHOUDHURY A. AFLNET: A greybox fuzzer for network protocols[C]. Proceedings of the 2020 IEEE 13th International Conference on Software Testing, Validation and Verification (ICST), Porto, Portugal, 2020: 460–465. doi: 10.1109/ICST46399.2020.00062.

[8] NATELLA R and PHAM V T. ProFuzzBench: A benchmark for stateful protocol fuzzing[C]. Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2021: 662–665. doi: 10.1145/3460319.3469077.

[9] MENG R J, MIRCHEV M, BÖHME M, et al. Large language model guided protocol fuzzing[C]. Proceedings of the 31st Annual Network and Distributed System Security Symposium (NDSS), San Diego, USA, 2024. doi: 10.14722/ndss.2024.24556.

[10] MANES V J M, HAN H, HAN C, et al. The art, science, and engineering of fuzzing: A survey[J]. IEEE Transactions on Software Engineering, 2021, 47(11): 2312–2331. doi: 10.1109/TSE.2019.2946563.

[11] ZHU Xiaogang, WEN Sheng, CAMTEPE S, et al. Fuzzing: A survey for roadmap[J]. ACM Computing Surveys, 2022, 54(11s): 230. doi: 10.1145/3512345.

[12] HU Zhihao and PAN Zulie. A systematic review of network protocol fuzzing techniques[C]. Proceedings of the 2021 IEEE 4th Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC), Chongqing, China, 2021: 1000–1005. doi: 10.1109/IMCEC51613.2021.9482063.

[13] DANIELE C, ANDARZIAN S B, and POLL E. Fuzzers for stateful systems: Survey and research directions[J]. ACM Computing Surveys, 2024, 56(9): 222. doi: 10.1145/3648468.

[14] JIANG Shihao, ZHANG Yu, LI Junqiang, et al. A survey of network protocol fuzzing: Model, techniques and directions[J]. arXiv preprint arXiv:2402.17394, 2024. doi: 10.48550/arXiv.2402.17394.

[15] ZHANG Xiaohan, ZHANG Cen, LI Xinghua, et al. A survey of protocol fuzzing[J]. ACM Computing Surveys, 2024, 57(2): 35. doi: 10.1145/3696788.

[16] MUNEA T L, LIM H, and SHON T. Network protocol fuzz testing for information systems and applications: A survey and taxonomy[J]. Multimedia Tools and Applications, 2016, 75(22): 14745–14757. doi: 10.1007/s11042-015-2763-6.

[17] BEAMAN C, REDBOURNE M, MUMMERY J D, et al. Fuzzing vulnerability discovery techniques: Survey, challenges and future directions[J]. Computers & Security, 2022, 120: 102813. doi: 10.1016/j.cose.2022.102813.

[18] ZHANG Kunpeng, ZHU Xiaogang, XIAO Xi, et al. ShapFuzz: Efficient fuzzing via Shapley-guided byte selection[C]. Proceedings of the 31st Annual Network and Distributed System Security Symposium (NDSS), San Diego, USA, 2024. doi: 10.14722/ndss.2024.23134.

[19] KITCHENHAM B and CHARTERS S. Guidelines for performing systematic literature reviews in software engineering[R]. EBSE Technical Report EBSE-2007-01, 2007.

[20] GODEFROID P, PELEG H, and SINGH R. Learn&Fuzz: Machine learning for input fuzzing[C]. Proceedings of the 2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE), Urbana, USA, 2017: 50–59. doi: 10.1109/ASE.2017.8115618.

[21] LV Wanyou, XIONG Jiawen, SHI Jianqi, et al. A deep convolution generative adversarial networks based fuzzing framework for industry control protocols[J]. Journal of Intelligent Manufacturing, 2021, 32(2): 441–457. doi: 10.1007/s10845-020-01584-z.

[22] ZHAO Hui, LI Zhihui, WEI Hansheng, et al. SeqFuzzer: An industrial protocol fuzzing framework from a deep learning perspective[C]. Proceedings of the 2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST), Xi'an, China, 2019: 59–67. doi: 10.1109/ICST.2019.00016.

[23] HU Zhicheng, SHI Jianqi, HUANG Yanhong, et al. GANFuzz: A GAN-based industrial network protocol fuzzing framework[C]. Proceedings of the 15th ACM International Conference on Computing Frontiers, Ischia, Italy, 2018: 138–145. doi: 10.1145/3203217.3203241.

[24] BÖTTINGER K, GODEFROID P, and SINGH R. Deep reinforcement fuzzing[C]. Proceedings of the 2018 IEEE Security and Privacy Workshops (SPW), San Francisco, USA, 2018: 116–122. doi: 10.1109/SPW.2018.00026.

[25] ZHANG Zheng, CUI Baojiang, and CHEN Chen. Reinforcement learning-based fuzzing technology[M]. In: BAROLLI L, PONISZEWSKA-MARANDA A, and PARK H (eds). Innovative Mobile and Internet Services in Ubiquitous Computing: Proceedings of the 14th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS-2020). Cham: Springer, 2021: 244–253. doi: 10.1007/978-3-030-50399-4_24.

[26] LI Menglin, ZHU Haoran, ZHANG Haochen, et al. AFL-RL: A reinforcement learning based mutation scheduling optimization method for fuzzing[C]. Proceedings of the 2023 7th International Conference on High Performance Compilation, Computing and Communications, Jinan, China, 2023: 46–55. doi: 10.1145/3606043.3606050.

[27] MA Xiaoyue, LUO Lannan, and ZENG Qiang. From one thousand pages of specification to unveiling hidden bugs: Large language model assisted fuzzing of Matter IoT devices[C]. Proceedings of the 33rd USENIX Security Symposium, Philadelphia, USA, 2024: 268.

[28] PACHECO M L, VON HIPPEL M, WEINTRAUB B, et al. Automated attack synthesis by extracting finite state machines from protocol specification documents[C]. Proceedings of the 2022 IEEE Symposium on Security and Privacy (S&P), San Francisco, USA, 2022: 51–68. doi: 10.1109/SP46214.2022.9833673.

[29] GOODFELLOW I J, POUGET-ABADIE J, MIRZA M, et al. Generative adversarial nets[C]. Proceedings of the 27th International Conference on Neural Information Processing Systems (NIPS), Montreal, Canada, 2014: 2672–2680.

[30] WU Honggang, GONG Li, LIU Ao, et al. ENIPFuzz: A SeqGAN-based EtherNet/IP protocol fuzzing test framework[C]. Proceedings of the 2022 IEEE 5th International Conference on Electronics Technology (ICET), Chengdu, China, 2022: 1278–1282. doi: 10.1109/ICET55676.2022.9824256.

[31] SUTSKEVER I, VINYALS O, and LE Q V. Sequence to sequence learning with neural networks[C]. Proceedings of the 27th International Conference on Neural Information Processing Systems (NIPS), Montreal, Canada, 2014: 3104–3112.

[32] SUN Weifeng, ZHANG Bowei, DING Jianqiao, et al. MaskFuzzer: A MaskGAN-based industrial control protocol fuzz testing framework[C]. Proceedings of the 2022 IEEE International Conference on Smart Internet of Things (SmartIoT), Suzhou, China, 2022: 51–57. doi: 10.1109/SmartIoT55134.2022.00018.

[33] LI Siqi, XIE Xiaofei, LIN Yun, et al. Deep learning for coverage-guided fuzzing: How far are we?[J]. IEEE Transactions on Dependable and Secure Computing, 2022 (early access): 1–13. doi: 10.1109/TDSC.2022.3200525.

[34] LUO Zhengxiong, ZUO Feilong, JIANG Yu, et al. Polar: Function code aware fuzz testing of ICS protocol[J]. ACM Transactions on Embedded Computing Systems, 2019, 18(5s): 93. doi: 10.1145/3358227.

[35] CHEN Chu, REN Pinghong, DUAN Zhenhua, et al. SBDT: Search-based differential testing of certificate parsers in SSL/TLS implementations[C]. Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), Seattle, USA, 2023: 967–979. doi: 10.1145/3597926.3598110.

[36] LUO Zhengxiong, YU Junze, ZUO Feilong, et al. BLEEM: Packet sequence oriented fuzzing for protocol implementations[C]. Proceedings of the 32nd USENIX Security Symposium, Anaheim, USA, 2023: 251.

[37] AMMANN M, HIRSCHI L, and KREMER S. DY fuzzing: Formal Dolev-Yao models meet cryptographic protocol fuzz testing[C]. Proceedings of the 2024 IEEE Symposium on Security and Privacy (S&P), San Francisco, USA, 2024: 1481–1499. doi: 10.1109/SP54263.2024.00096.

[38] BARS N, SCHLOEGEL M, SCHILLER N, et al. No peer, no cry: Network application fuzzing via fault injection[C]. Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security (CCS), Salt Lake City, USA, 2024: 750–764. doi: 10.1145/3658644.3690274.

[39] NATELLA R. StateAFL: Greybox fuzzing for stateful network servers[J]. Empirical Software Engineering, 2022, 27(7): 191. doi: 10.1007/s10664-022-10233-3.

[40] MENG R J, DUCK G J, and ROYCHOUDHURY A. Program environment fuzzing[C]. Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security (CCS), Salt Lake City, USA, 2024: 720–734. doi: 10.1145/3658644.3690229.

[41] ASCHERMANN C, SCHUMILO S, ABBASI A, et al. Ijon: Exploring deep state spaces via fuzzing[C]. Proceedings of the 2020 IEEE Symposium on Security and Privacy (S&P), San Francisco, USA, 2020: 1597–1612. doi: 10.1109/SP40000.2020.00117.

[42] BA Jinsheng, BÖHME M, MIRZAMOMEN Z, et al. Stateful greybox fuzzing[C]. Proceedings of the 31st USENIX Security Symposium, Boston, USA, 2022: 3255–3272.

[43] PAN Zulie, ZHANG Liqun, HU Zhihao, et al. SATFuzz: A stateful network protocol fuzzing framework from a novel perspective[J]. Applied Sciences, 2022, 12(15): 7459. doi: 10.3390/app12157459.

[44] WU Feifan, LUO Zhengxiong, ZHAO Yanyang, et al. Logos: Log guided fuzzing for protocol implementations[C]. Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), Vienna, Austria, 2024: 1720–1732. doi: 10.1145/3650212.3680394.

[45] ZOU Yonghao, BAI Jiaju, ZHOU Jielong, et al. TCP-Fuzz: Detecting memory and semantic bugs in TCP stacks with fuzzing[C]. Proceedings of the 2021 USENIX Annual Technical Conference (ATC), 2021: 489–502.

[46] QIN Yinfan, LI Xiang, TIAN Jianwen, et al. Gradient-oriented gray-box protocol fuzzing[C]. Proceedings of the 2021 IEEE Sixth International Conference on Data Science in Cyberspace (DSC), Shenzhen, China, 2021: 353–360. doi: 10.1109/DSC53577.2021.00056.

[47] TAO Quanyu. GONet: Gradient oriented fuzzing for stateful network protocol: Improving and evaluating fuzzing efficiency of stateful protocol by mutating based on gradient information[Z]. 2023.

[48] QIN Shisong, HU Fan, MA Zheyu, et al. NSFuzz: Towards efficient and state-aware network service fuzzing[J]. ACM Transactions on Software Engineering and Methodology, 2023, 32(6): 160. doi: 10.1145/3580598.

[49] LI Junqiang, LI Senyi, SUN Gang, et al. SNPSFuzzer: A fast greybox fuzzer for stateful network protocols using snapshots[J]. IEEE Transactions on Information Forensics and Security, 2022, 17: 2673–2687. doi: 10.1109/TIFS.2022.3192991.

[50] VAANDRAGER F. Model learning[J]. Communications of the ACM, 2017, 60(2): 86–95. doi: 10.1145/2967606.

[51] ANGLUIN D. Learning regular sets from queries and counterexamples[J]. Information and Computation, 1987, 75(2): 87–106. doi: 10.1016/0890-5401(87)90052-6.

[52] HOPCROFT J E, MOTWANI R, and ULLMAN J D. Introduction to automata theory, languages, and computation, 2nd edition[J]. ACM SIGACT News, 2001, 32(1): 60–65. doi: 10.1145/568438.568455.

[53] CHOW T S. Testing software design modeled by finite-state machines[J]. IEEE Transactions on Software Engineering, 1978, SE-4(3): 178–187. doi: 10.1109/TSE.1978.231496.

[54] FUJIWARA S, BOCHMANN G V, KHENDEK F, et al. Test selection based on finite state models[J]. IEEE Transactions on Software Engineering, 1991, 17(6): 591–603. doi: 10.1109/32.87284.

[55] ISBERNER M, HOWAR F, and STEFFEN B. The TTT algorithm: A redundancy-free approach to active automata learning[C]. Proceedings of the 5th International Conference on Runtime Verification (RV), Toronto, Canada, 2014: 307–322. doi: 10.1007/978-3-319-11164-3_26.

[56] RAFFELT H and STEFFEN B. LearnLib: A library for automata learning and experimentation[C]. Proceedings of the 9th International Conference on Fundamental Approaches to Software Engineering (FASE), Vienna, Austria, 2006: 377–380. doi: 10.1007/11693017_28.

[57] CASSEL S, HOWAR F, and JONSSON B. RALib: A LearnLib extension for inferring EFSMs[C]. Proceedings of the International Workshop on Design and Implementation of Formal Tools and Systems (DIFTS), 2015.

[58] BOLLIG B, KATOEN J P, KERN C, et al. libalf: The automata learning framework[C]. Proceedings of the 22nd International Conference on Computer Aided Verification (CAV), Edinburgh, UK, 2010: 360–364. doi: 10.1007/978-3-642-14295-6_32.

[59] SAGONAS K and TYPALDOS T. EDHOC-Fuzzer: An EDHOC protocol state fuzzer[C]. Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), Seattle, USA, 2023: 1495–1498. doi: 10.1145/3597926.3604922.

[60] FITERĂU-BROŞTEAN P, JONSSON B, MERGET R, et al. Analysis of DTLS implementations using protocol state fuzzing[C]. Proceedings of the 29th USENIX Security Symposium, 2020: 2523–2540.

[61] GUO Jiaxing, GU Chunxiang, CHEN Xi, et al. Automated state machine-based analysis of hostname verification in IPsec implementations[J]. Information Technology and Control, 2021, 50(3): 570–587. doi: 10.5755/j01.itc.50.3.27844.

[62] DANIEL L A, POLL E, and DE RUITER J. Inferring OpenVPN state machines using protocol state fuzzing[C]. Proceedings of the 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), London, UK, 2018: 11–19. doi: 10.1109/EuroSPW.2018.00009.

[63] GUO Jiaxing, GU Chunxiang, CHEN Xi, et al. Stateful black-box fuzzing for encryption protocols and its application in IPsec[J]. Computer Networks, 2024, 251: 110605. doi: 10.1016/j.comnet.2024.110605.

[64] FITERĂU-BROŞTEAN P, JANSSEN R, and VAANDRAGER F. Combining model learning and model checking to analyze TCP implementations[C]. Proceedings of the 28th International Conference on Computer Aided Verification (CAV), Toronto, Canada, 2016: 454–471. doi: 10.1007/978-3-319-41540-6_25.

[65] FITERĂU-BROŞTEAN P, LENAERTS T, POLL E, et al. Model learning and model checking of SSH implementations[C]. Proceedings of the 24th ACM SIGSOFT International SPIN Symposium on Model Checking of Software, Santa Barbara, USA, 2017: 142–151. doi: 10.1145/3092282.3092289.

[66] WANG Qinying, JI Shouling, TIAN Yuan, et al. MPInspector: A systematic and automatic approach for evaluating the security of IoT messaging protocols[C]. Proceedings of the 30th USENIX Security Symposium, 2021: 4205–4222.

[67] FITERĂU-BROŞTEAN P, JONSSON B, SAGONAS K, et al. SMBugFinder: An automated framework for testing protocol implementations for state machine bugs[C]. Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), Vienna, Austria, 2024: 1866–1870. doi: 10.1145/3650212.3685310.

[68] ZHAO Dongliang, GUO Jiaxing, GU Chunxiang, et al. AGLFuzz: Automata-guided fuzzing for detecting logic errors in security protocol implementations[J]. Computers & Security, 2025, 149: 103979. doi: 10.1016/j.cose.2024.103979.

[69] STONE C M, THOMAS S L, VANHOEF M, et al. The closer you look, the more you learn: A grey-box approach to protocol state machine learning[C]. Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS), Los Angeles, USA, 2022: 2265–2278. doi: 10.1145/3548606.3559365.

[70] GUO Jiaxing, ZHAO Dongliang, GU Chunxiang, et al. An enhanced state-aware model learning approach for security analysis in lightweight protocol implementations[J]. Journal of Cloud Computing, 2024, 13(1): 28. doi: 10.1186/s13677-024-00593-0.

[71] ANDRONIDIS A and CADAR C. SnapFuzz: High-throughput fuzzing of network applications[C]. Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2022: 340–351. doi: 10.1145/3533767.3534376.

[72] WU Biao, TANG Chaojing, and ZHANG Bin. FFUZZ: A fast fuzzing test method for stateful network protocol implementation[C]. Proceedings of the 2021 2nd International Conference on Computer Communication and Network Security (CCNS), Xining, China, 2021: 75–79. doi: 10.1109/CCNS53852.2021.00023.

[73] SCHUMILO S, ASCHERMANN C, JEMMETT A, et al. Nyx-Net: Network fuzzing with incremental snapshots[C]. Proceedings of the Seventeenth European Conference on Computer Systems (EuroSys), Rennes, France, 2022: 166–180. doi: 10.1145/3492321.3519591.

[74] MAIER D, BITTNER O, BEIER J, et al. FitM: Binary-only coverage-guided fuzzing for stateful network protocols[C]. Proceedings of the 2022 Workshop on Binary Analysis Research (BAR), San Diego, USA, 2022. doi: 10.14722/bar.2022.23008.

[75] FIORALDI A, MAIER D, EIßFELDT H, et al. AFL++: Combining incremental steps of fuzzing research[C]. Proceedings of the 14th USENIX Workshop on Offensive Technologies (WOOT 20), 2020: 10.

[76] BÖHME M, CADAR C, and ROYCHOUDHURY A. Fuzzing: Challenges and reflections[J]. IEEE Software, 2021, 38(3): 79–86. doi: 10.1109/MS.2020.3016773.

[77] KAUFMAN C, HOFFMAN P, NIR Y, et al. Internet Key Exchange Protocol Version 2 (IKEv2)[S]. RFC 7296, RFC Editor, 2014.

[78] WEI Haiyang, CHEN Ligeng, DU Zhengjie, et al. Unleashing the power of LLM to infer state machine from the protocol implementation[J]. arXiv preprint arXiv:2405.00393, 2024. doi: 10.48550/arXiv.2405.00393.

[79] FIORALDI A, MAIER D C, ZHANG Dongjia, et al. LibAFL: A framework to build modular and reusable fuzzers[C]. Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS), Los Angeles, USA, 2022: 1051–1065. doi: 10.1145/3548606.3560602.

[80] PFRANG S, MEIER D, FLEIG A, et al. A meta model for a comprehensive description of network protocols improving security tests[C]. Proceedings of the 6th International Conference on Information Systems Security and Privacy (ICISSP), Valletta, Malta, 2020: 671–682. doi: 10.5220/0009150206710682.