{"id":"https://openalex.org/W4366386843","doi":"https://doi.org/10.1007/s11277-023-10431-2","title":"A Call for Mandatory Input Validation and Fuzz Testing","display_name":"A Call for Mandatory Input Validation and Fuzz Testing","publication_year":2023,"publication_date":"2023-04-19","ids":{"openalex":"https://openalex.org/W4366386843","doi":"https://doi.org/10.1007/s11277-023-10431-2"},"language":"en","primary_location":{"id":"doi:10.1007/s11277-023-10431-2","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s11277-023-10431-2","pdf_url":"https://link.springer.com/content/pdf/10.1007/s11277-023-10431-2.pdf","source":{"id":"https://openalex.org/S49967189","display_name":"Wireless Personal Communications","issn_l":"0929-6212","issn":["0929-6212","1572-834X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Wireless Personal Communications","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/s11277-023-10431-2.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5016736781","display_name":"Geir M. K\u00f8ien","orcid":"https://orcid.org/0000-0002-7363-0076"},"institutions":[{"id":"https://openalex.org/I2801380234","display_name":"University of South-Eastern Norway","ror":"https://ror.org/05ecg5h20","country_code":"NO","type":"education","lineage":["https://openalex.org/I2801380234"]}],"countries":["NO"],"is_corresponding":true,"raw_author_name":"Geir M. K\u00f8ien","raw_affiliation_strings":["Department of Microsystems, University of South-Eastern Norway, Horten, Norway"],"raw_orcid":"https://orcid.org/0000-0002-7363-0076","affiliations":[{"raw_affiliation_string":"Department of Microsystems, University of South-Eastern Norway, Horten, Norway","institution_ids":["https://openalex.org/I2801380234"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5077025441","display_name":"Lasse \u00d8verlier","orcid":"https://orcid.org/0000-0002-7640-8446"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Lasse \u00d8verlier","raw_affiliation_strings":["Department of Information Security and Communication Technology, NTNU, Gj\u00f8vik, Norway"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Information Security and Communication Technology, NTNU, Gj\u00f8vik, Norway","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5016736781"],"corresponding_institution_ids":["https://openalex.org/I2801380234"],"apc_list":{"value":2490,"currency":"EUR","value_usd":3090},"apc_paid":{"value":2490,"currency":"EUR","value_usd":3090},"fwci":0.2072,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.55704148,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":"140","issue":"1-2","first_page":"25","last_page":"37"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8821501731872559},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7464524507522583},{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.7191731333732605},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.5536945462226868},{"id":"https://openalex.org/keywords/quality","display_name":"Quality (philosophy)","score":0.45451638102531433},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.4511054754257202},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.39903682470321655},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.2835242748260498},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.24610528349876404},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.22737768292427063},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.21087566018104553},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.1378692388534546}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8821501731872559},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7464524507522583},{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.7191731333732605},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.5536945462226868},{"id":"https://openalex.org/C2779530757","wikidata":"https://www.wikidata.org/wiki/Q1207505","display_name":"Quality (philosophy)","level":2,"score":0.45451638102531433},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.4511054754257202},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.39903682470321655},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.2835242748260498},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.24610528349876404},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.22737768292427063},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.21087566018104553},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.1378692388534546},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1007/s11277-023-10431-2","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s11277-023-10431-2","pdf_url":"https://link.springer.com/content/pdf/10.1007/s11277-023-10431-2.pdf","source":{"id":"https://openalex.org/S49967189","display_name":"Wireless Personal Communications","issn_l":"0929-6212","issn":["0929-6212","1572-834X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Wireless Personal Communications","raw_type":"journal-article"},{"id":"pmh:oai:openarchive.usn.no:11250/3125333","is_oa":true,"landing_page_url":"https://hdl.handle.net/11250/3125333","pdf_url":"https://openarchive.usn.no/usn-xmlui/bitstream/11250/3125333/1/s11277-023-10431-2.pdf","source":{"id":"https://openalex.org/S4306401716","display_name":"Duo Research Archive (University of Oslo)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I184942183","host_organization_name":"University of Oslo","host_organization_lineage":["https://openalex.org/I184942183"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"13","raw_type":"info:eu-repo/semantics/other"},{"id":"pmh:oai:ntnuopen.ntnu.no:11250/3125018","is_oa":true,"landing_page_url":"https://hdl.handle.net/11250/3125018","pdf_url":null,"source":{"id":"https://openalex.org/S4306401716","display_name":"Duo Research Archive (University of Oslo)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I184942183","host_organization_name":"University of Oslo","host_organization_lineage":["https://openalex.org/I184942183"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"13","raw_type":"info:eu-repo/semantics/article"}],"best_oa_location":{"id":"doi:10.1007/s11277-023-10431-2","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s11277-023-10431-2","pdf_url":"https://link.springer.com/content/pdf/10.1007/s11277-023-10431-2.pdf","source":{"id":"https://openalex.org/S49967189","display_name":"Wireless Personal Communications","issn_l":"0929-6212","issn":["0929-6212","1572-834X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Wireless Personal Communications","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.6299999952316284,"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4366386843.pdf"},"referenced_works_count":16,"referenced_works":["https://openalex.org/W1570445666","https://openalex.org/W2002934700","https://openalex.org/W2032230066","https://openalex.org/W2052363833","https://openalex.org/W2059661362","https://openalex.org/W2113730959","https://openalex.org/W2767007754","https://openalex.org/W2772336084","https://openalex.org/W2798388185","https://openalex.org/W2963934162","https://openalex.org/W3005594826","https://openalex.org/W3005846585","https://openalex.org/W4225729324","https://openalex.org/W4283789005","https://openalex.org/W6606430823","https://openalex.org/W7071296494"],"related_works":["https://openalex.org/W2252827360","https://openalex.org/W4323054491","https://openalex.org/W2547256600","https://openalex.org/W2062583373","https://openalex.org/W69814908","https://openalex.org/W896362041","https://openalex.org/W2399088936","https://openalex.org/W4226059543","https://openalex.org/W4200068367","https://openalex.org/W4366386843"],"abstract_inverted_index":{"Abstract":[0],"The":[1,22,92],"on-going":[2],"digitalization":[3],"of":[4,17,102],"our":[5],"critical":[6],"infrastructures":[7],"is":[8,12,94],"progressing":[9],"fast.":[10],"There":[11],"also":[13],"a":[14,41,87,108],"growing":[15],"trend":[16],"serious":[18],"and":[19,28,32,37,72,83,104],"disrupting":[20],"cyber-attacks.":[21],"digital":[23],"services":[24,40,47,63],"are":[25],"often":[26],"fragile,":[27],"with":[29,64],"many":[30,51,70],"weaknesses":[31],"vulnerabilities.":[33],"This":[34],"makes":[35],"exploiting":[36],"attacking":[38],"the":[39,46,62],"little":[42],"too":[43],"easy.":[44],"If":[45],"verifies":[48],"all":[49],"inputs,":[50,66],"security":[52,71],"threats":[53],"will":[54,68],"be":[55],"avoided.":[56],"Similarly,":[57],"if":[58],"one":[59,67],"diligently":[60],"tests":[61],"malformed":[65],"uncover":[69],"software":[73],"quality":[74],"problems.":[75],"In":[76],"this":[77],"paper":[78],"we":[79],"investigate":[80],"\u201cinput":[81],"validation\u201d":[82],"\u201cfuzz":[84],"testing\u201d":[85],"as":[86,107],"means":[88],"to":[89,99,105],"improve":[90],"security.":[91],"aim":[93],"not":[95],"exhaustive":[96],"coverage,":[97],"but":[98],"provide":[100],"indications":[101],"usefulness":[103],"serve":[106],"call":[109],"for":[110],"action.":[111]},"counts_by_year":[{"year":2024,"cited_by_count":1}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}