A Survey of Protocol Fuzzing

被引：0

作者：

Zhang, Xiaohan ^{[1
,2
,3
]}

Zhang, Cen ^{[4
]}

Li, Xinghua ^{[1
,2
,3
]}

Du, Zhengjie ^{[5
]}

Mao, Bing ^{[5
]}

Li, Yuekang ^{[4
]}

Zheng, Yao wen ^{[4
]}

Li, Yeting ^{[6
]}

Pan, Li ^{[7
]}

Liu, Yang ^{[4
]}

Deng, Robert ^{[8
]}

机构：

[1] Minist Educ, State Key Lab Integrated Serv Networks, Xian, Peoples R China

[2] Minist Educ, Engn Res Ctr Big Data Secur, Xian, Peoples R China

[3] Xidian Univ, Sch Cyber Engn, Xian, Peoples R China

[4] Nanyang Technol Univ, Singapore, Singapore

[5] Nanjing Univ, Nanjing, Peoples R China

[6] Chinese Acad Sci, Inst Informat Engn, Beijing, Peoples R China

[7] Shanghai Jiao Tong Univ, Shanghai, Peoples R China

[8] Singapore Management Univ, Singapore, Singapore

来源：

ACM COMPUTING SURVEYS | 2025年 / 57卷 / 02期

基金：

新加坡国家研究基金会; 中国国家自然科学基金;

关键词：

Protocol; fuzz testing; security; NETWORK PROTOCOL; SYMBOLIC EXECUTION; STATE; IMPLEMENTATIONS; SECURITY;

D O I：

10.1145/3696788

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Communication protocols form the bedrock of our interconnected world, yet vulnerabilities within their implementations pose significant security threats. Recent developments have seen a surge in fuzzing-based research dedicated to uncovering these vulnerabilities within protocol implementations. However, there still lacks a systematic overview of protocol fuzzing for answering the essential questions such as what the unique challenges are, how existing works solve them, and so on. To bridge this gap, we conducted a comprehensive investigation of related works from both academia and industry. Our study includes a detailed summary of the specific challenges in protocol fuzzing and provides a systematic categorization and overview of existing research efforts. Furthermore, we explore and discuss potential future research directions in protocol fuzzing.

引用

页数：36

共 50 条

[1] A Survey on the Development of Network Protocol Fuzzing Techniques
Zhang, Zhaowei
Zhang, Hongzheng
Zhao, Jinjing
Yin, Yanfei
ELECTRONICS, 2023, 12 (13)
[2] Fuzzing: a survey
Li, Jun
Zhao, Bodong
Zhang, Chao
CYBERSECURITY, 2018, 1 (01)
[3] Fuzzing an Industrial Proprietary Protocol
Baranov, Eduard
Legay, Axel
Vivian, Martin
FORMAL METHODS FOR INDUSTRIAL CRITICAL SYSTEMS, FMICS 2024, 2024, 14952 : 119 - 135
[4] Fuzzing: A Survey for Roadmap
Zhu, Xiaogang
Wen, Sheng
Camtepe, Seyit
Xiang, Yang
ACM COMPUTING SURVEYS, 2022, 54 (11S)
[5] Fuzzing of Embedded Systems: A Survey
Yun, Joobeom
Rustamov, Fayozbek
Kim, Juhwan
Shin, Youngjoo
ACM COMPUTING SURVEYS, 2023, 55 (07)
[6] ProFuzzBench: A Benchmark for Stateful Protocol Fuzzing
Natella, Roberto
Van-Thuan Pham
ISSTA '21: PROCEEDINGS OF THE 30TH ACM SIGSOFT INTERNATIONAL SYMPOSIUM ON SOFTWARE TESTING AND ANALYSIS, 2021, : 662 - 665
[7] Protocol state fuzzing of TLS implementations
de Ruiter, Joeri
Poll, Erik
PROCEEDINGS OF THE 24TH USENIX SECURITY SYMPOSIUM, 2015, : 193 - 206
[8] Demystify the Fuzzing Methods: A Comprehensive Survey
Mallissery, Sanoop
Wu, Yu-Sung
ACM COMPUTING SURVEYS, 2024, 56 (03)
[9] The Art, Science, and Engineering of Fuzzing: A Survey
Manes, Valentin J. M.
Han, HyungSeok
Han, Choongwoo
Cha, Sang Kil
Egele, Manuel
Schwartz, Edward J.
Woo, Maverick
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2021, 47 (11) : 2312 - 2331
[10] Protocol Fuzzing With Specification Guided Message Generation
Li, Senyi
Li, Junqiang
Fu, Jingxuan
Xue, Mingwu
Yu, Hongfang
Sun, Gang
2021 6TH INTERNATIONAL CONFERENCE ON UK-CHINA EMERGING TECHNOLOGIES (UCET 2021), 2021, : 164 - 170

← 1 2 3 4 5 →