{"id":"https://openalex.org/W2914954538","doi":"https://doi.org/10.1109/access.2019.2895025","title":"SPFuzz: A Hierarchical Scheduling Framework for Stateful Network Protocol Fuzzing","display_name":"SPFuzz: A Hierarchical Scheduling Framework for Stateful Network Protocol Fuzzing","publication_year":2019,"publication_date":"2019-01-01","ids":{"openalex":"https://openalex.org/W2914954538","doi":"https://doi.org/10.1109/access.2019.2895025","mag":"2914954538"},"language":"en","primary_location":{"id":"doi:10.1109/access.2019.2895025","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2019.2895025","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8600701/08626141.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/8600701/08626141.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5058800138","display_name":"Congxi Song","orcid":"https://orcid.org/0000-0002-7672-0915"},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Congxi Song","raw_affiliation_strings":["College of Computer, National University of Defense Technology, Changsha, China"],"raw_orcid":"https://orcid.org/0000-0002-7672-0915","affiliations":[{"raw_affiliation_string":"College of Computer, National University of Defense Technology, Changsha, China","institution_ids":["https://openalex.org/I170215575"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101715460","display_name":"Bo Yu","orcid":"https://orcid.org/0000-0001-6576-5555"},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Bo Yu","raw_affiliation_strings":["College of Computer, National University of Defense Technology, Changsha, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"College of Computer, National University of Defense Technology, Changsha, China","institution_ids":["https://openalex.org/I170215575"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055476418","display_name":"Xu Zhou","orcid":"https://orcid.org/0000-0002-0075-5003"},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xu Zhou","raw_affiliation_strings":["College of Computer, National University of Defense Technology, Changsha, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"College of Computer, National University of Defense Technology, Changsha, China","institution_ids":["https://openalex.org/I170215575"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101803205","display_name":"Qiang Yang","orcid":"https://orcid.org/0000-0002-1032-9323"},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qiang Yang","raw_affiliation_strings":["College of Computer, National University of Defense Technology, Changsha, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"College of Computer, National University of Defense Technology, Changsha, China","institution_ids":["https://openalex.org/I170215575"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5058800138"],"corresponding_institution_ids":["https://openalex.org/I170215575"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":5.2717,"has_fulltext":true,"cited_by_count":34,"citation_normalized_percentile":{"value":0.95276087,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"7","issue":null,"first_page":"18490","last_page":"18499"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/stateful-firewall","display_name":"Stateful firewall","score":0.9703716039657593},{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9625040292739868},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8822647929191589},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.601222038269043},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.4381934702396393},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.3843853175640106},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.2945406436920166},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.2832987904548645},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.2243797481060028}],"concepts":[{"id":"https://openalex.org/C22927095","wikidata":"https://www.wikidata.org/wiki/Q1784206","display_name":"Stateful firewall","level":3,"score":0.9703716039657593},{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9625040292739868},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8822647929191589},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.601222038269043},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.4381934702396393},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3843853175640106},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.2945406436920166},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.2832987904548645},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.2243797481060028},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/access.2019.2895025","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2019.2895025","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8600701/08626141.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:55c143a44a444ad4b3cd2dc299a17deb","is_oa":true,"landing_page_url":"https://doaj.org/article/55c143a44a444ad4b3cd2dc299a17deb","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 7, Pp 18490-18499 (2019)","raw_type":"article"},{"id":"pmh:oai:repository.hkust.edu.hk:1783.1-165366","is_oa":false,"landing_page_url":"http://repository.hkust.edu.hk/ir/Record/1783.1-165366","pdf_url":null,"source":{"id":"https://openalex.org/S4306401796","display_name":"Rare & Special e-Zone (The Hong Kong University of Science and Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I200769079","host_organization_name":"Hong Kong University of Science and Technology","host_organization_lineage":["https://openalex.org/I200769079"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"}],"best_oa_location":{"id":"doi:10.1109/access.2019.2895025","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2019.2895025","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8600701/08626141.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.46000000834465027,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G5997530250","display_name":null,"funder_award_id":"2016YFB0200401","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G7425921385","display_name":null,"funder_award_id":"2017RS3045","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"}],"funders":[{"id":"https://openalex.org/F4320334924","display_name":"Program for New Century Excellent Talents in University","ror":"https://ror.org/01mv9t934"},{"id":"https://openalex.org/F4320335777","display_name":"National Key Research and Development Program of China","ror":null}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2914954538.pdf","grobid_xml":"https://content.openalex.org/works/W2914954538.grobid-xml"},"referenced_works_count":25,"referenced_works":["https://openalex.org/W1015330665","https://openalex.org/W1502951647","https://openalex.org/W1769343819","https://openalex.org/W2016716561","https://openalex.org/W2035945487","https://openalex.org/W2051700952","https://openalex.org/W2129975948","https://openalex.org/W2141175718","https://openalex.org/W2295974667","https://openalex.org/W2546094875","https://openalex.org/W2613534458","https://openalex.org/W2701225458","https://openalex.org/W2773441963","https://openalex.org/W2791018263","https://openalex.org/W2798388185","https://openalex.org/W2800689142","https://openalex.org/W2806377938","https://openalex.org/W2808660067","https://openalex.org/W2811397117","https://openalex.org/W4285719527","https://openalex.org/W4302218635","https://openalex.org/W6630065119","https://openalex.org/W6679554657","https://openalex.org/W6681015208","https://openalex.org/W6697516247"],"related_works":["https://openalex.org/W2511770387","https://openalex.org/W2129975948","https://openalex.org/W2591875911","https://openalex.org/W4287833485","https://openalex.org/W2736754676","https://openalex.org/W4387191767","https://openalex.org/W4221162427","https://openalex.org/W4385412215","https://openalex.org/W3194450632","https://openalex.org/W2750938873"],"abstract_inverted_index":{"In":[0,171],"recent":[1],"years,":[2],"the":[3,11,16,20,24,35,40,73,118,128,140,145,173,177,197,200,209,220,224],"fuzzing":[4,119,181],"technology":[5],"is":[6,30],"widely":[7],"used":[8],"to":[9,15,33,39,71,116,121,130,134,143,202],"detect":[10],"software":[12],"vulnerabilities":[13],"owing":[14],"coverage":[17,192],"improvement":[18],"in":[19,69,89,100,125,189,216],"target":[21,210],"program":[22],"and":[23,45,79,92,112,136,149,159,169,205,226],"easiness":[25],"of":[26,47,147,187,208,228],"use.":[27],"However,":[28],"it":[29],"less":[31],"efficient":[32],"fuzz":[34],"stateful":[36,62,179],"protocols":[37],"due":[38],"difficulties":[41],"like":[42],"maintaining":[43,86],"states":[44,77,91],"dependencies":[46,80,95],"messages.":[48],"To":[49],"address":[50],"these":[51],"challenges,":[52],"we":[53],"present":[54],"SPFuzz,":[55,221],"a":[56,67,105],"framework":[57,175],"for":[58,81],"building":[59],"flexible,":[60],"coverage-guided":[61],"protocol":[63,74,76,94,154,180],"fuzzing.":[64],"We":[65,138,212],"define":[66],"language":[68],"SPFuzz":[70,103,148,174,198],"describe":[72],"specifications,":[75],"transitions":[78],"generating":[82],"valuable":[83],"test":[84],"cases,":[85],"correct":[87],"messages":[88,135],"session":[90],"handling":[93],"by":[96,184],"updating":[97],"message":[98],"data":[99],"time.":[101],"The":[102],"adopts":[104],"three-level":[106],"mutation":[107,114],"strategy,":[108],"namely":[109],"head,":[110],"content,":[111],"sequence":[113],"strategy":[115],"drive":[117],"process":[120],"cover":[122],"more":[123,204],"paths,":[124],"conjunction":[126],"with":[127,219],"method":[129],"randomly":[131],"assign":[132],"weights":[133],"strategies.":[137],"use":[139],"following":[141],"metrics":[142],"evaluate":[144],"performance":[146],"other":[150],"frameworks":[151],"upon":[152],"three":[153,190],"implementations,":[155],"i.e.,":[156],"Proftpd,":[157],"Oftpd,":[158],"OpenSSL,":[160],"which":[161,222],"are":[162],"three-granularity":[163],"coverages":[164],"specifically":[165],"function,":[166],"basic":[167],"block,":[168],"edge.":[170],"experiments,":[172],"outperforms":[176],"existing":[178],"tool":[182],"Boofuzz":[183],"an":[185],"average":[186],"69.12%":[188],"granularities":[191],"tests.":[193],"This":[194],"demonstrates":[195],"that":[196],"has":[199],"ability":[201],"explore":[203],"deeper":[206],"paths":[207],"program.":[211],"further":[213],"triggered":[214],"CVE-2015-0291":[215],"OpenSSL":[217],"1.0.2":[218],"proves":[223],"validity":[225],"utility":[227],"our":[229],"framework.":[230]},"counts_by_year":[{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":7},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":3}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}