{"id":"https://openalex.org/W7126101089","doi":"https://doi.org/10.1109/comcomap68359.2025.11353192","title":"LLM-Guided Initial Seed Selection for Black-Box IoT Fuzzing to Enhance Vulnerability Detection","display_name":"LLM-Guided Initial Seed Selection for Black-Box IoT Fuzzing to Enhance Vulnerability Detection","publication_year":2025,"publication_date":"2025-12-14","ids":{"openalex":"https://openalex.org/W7126101089","doi":"https://doi.org/10.1109/comcomap68359.2025.11353192"},"language":null,"primary_location":{"id":"doi:10.1109/comcomap68359.2025.11353192","is_oa":false,"landing_page_url":"https://doi.org/10.1109/comcomap68359.2025.11353192","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 Computing, Communications and IoT Applications (ComComAp)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5121078318","display_name":"Hibiki Nakanishi","orcid":null},"institutions":[{"id":"https://openalex.org/I150744194","display_name":"Waseda University","ror":"https://ror.org/00ntfnx83","country_code":"JP","type":"education","lineage":["https://openalex.org/I150744194"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Hibiki Nakanishi","raw_affiliation_strings":["Waseda University,Department of Computer Science and Communications Engineering"],"affiliations":[{"raw_affiliation_string":"Waseda University,Department of Computer Science and Communications Engineering","institution_ids":["https://openalex.org/I150744194"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066000044","display_name":"Kento Hasegawa","orcid":"https://orcid.org/0000-0002-6517-1703"},"institutions":[{"id":"https://openalex.org/I4210164495","display_name":"KDDI Research (Japan)","ror":"https://ror.org/05qsqt662","country_code":"JP","type":"company","lineage":["https://openalex.org/I4210164495"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Kento Hasegawa","raw_affiliation_strings":["KDDI Research, Inc"],"affiliations":[{"raw_affiliation_string":"KDDI Research, Inc","institution_ids":["https://openalex.org/I4210164495"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052844875","display_name":"Seira Hidano","orcid":"https://orcid.org/0009-0006-0571-7168"},"institutions":[{"id":"https://openalex.org/I4210164495","display_name":"KDDI Research (Japan)","ror":"https://ror.org/05qsqt662","country_code":"JP","type":"company","lineage":["https://openalex.org/I4210164495"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Seira Hidano","raw_affiliation_strings":["KDDI Research, Inc"],"affiliations":[{"raw_affiliation_string":"KDDI Research, Inc","institution_ids":["https://openalex.org/I4210164495"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014137807","display_name":"Kazuhide Fukushima","orcid":"https://orcid.org/0000-0003-2571-0116"},"institutions":[{"id":"https://openalex.org/I4210164495","display_name":"KDDI Research (Japan)","ror":"https://ror.org/05qsqt662","country_code":"JP","type":"company","lineage":["https://openalex.org/I4210164495"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Kazuhide Fukushima","raw_affiliation_strings":["KDDI Research, Inc"],"affiliations":[{"raw_affiliation_string":"KDDI Research, Inc","institution_ids":["https://openalex.org/I4210164495"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103192268","display_name":"Kazuo Hashimoto","orcid":"https://orcid.org/0000-0002-7877-9507"},"institutions":[{"id":"https://openalex.org/I150744194","display_name":"Waseda University","ror":"https://ror.org/00ntfnx83","country_code":"JP","type":"education","lineage":["https://openalex.org/I150744194"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Kazuo Hashimoto","raw_affiliation_strings":["Waseda University,Department of Computer Science and Communications Engineering"],"affiliations":[{"raw_affiliation_string":"Waseda University,Department of Computer Science and Communications Engineering","institution_ids":["https://openalex.org/I150744194"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5027104780","display_name":"N Togawa","orcid":null},"institutions":[{"id":"https://openalex.org/I150744194","display_name":"Waseda University","ror":"https://ror.org/00ntfnx83","country_code":"JP","type":"education","lineage":["https://openalex.org/I150744194"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Nozomu Togawa","raw_affiliation_strings":["Waseda University,Department of Computer Science and Communications Engineering"],"affiliations":[{"raw_affiliation_string":"Waseda University,Department of Computer Science and Communications Engineering","institution_ids":["https://openalex.org/I150744194"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5121078318"],"corresponding_institution_ids":["https://openalex.org/I150744194"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.79157693,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"189","last_page":"194"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.7515000104904175,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.7515000104904175,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.061400000005960464,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.02979999966919422,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9742000102996826},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.6471999883651733},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5454999804496765},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5407000184059143},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.5403000116348267},{"id":"https://openalex.org/keywords/selection","display_name":"Selection (genetic algorithm)","score":0.5338000059127808},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.520799994468689}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9742000102996826},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7501999735832214},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.6471999883651733},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5454999804496765},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5407000184059143},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.5403000116348267},{"id":"https://openalex.org/C81917197","wikidata":"https://www.wikidata.org/wiki/Q628760","display_name":"Selection (genetic algorithm)","level":2,"score":0.5338000059127808},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.520799994468689},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5188999772071838},{"id":"https://openalex.org/C53942775","wikidata":"https://www.wikidata.org/wiki/Q1211721","display_name":"Code coverage","level":3,"score":0.4821000099182129},{"id":"https://openalex.org/C128942645","wikidata":"https://www.wikidata.org/wiki/Q1568346","display_name":"Test case","level":3,"score":0.3880000114440918},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3671000003814697},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.3637000024318695},{"id":"https://openalex.org/C12713177","wikidata":"https://www.wikidata.org/wiki/Q1900281","display_name":"Perspective (graphical)","level":2,"score":0.33410000801086426},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.31790000200271606},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.30239999294281006},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.2802000045776367},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.2802000045776367},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.27970001101493835},{"id":"https://openalex.org/C2777267654","wikidata":"https://www.wikidata.org/wiki/Q3519023","display_name":"Test (biology)","level":2,"score":0.25290000438690186}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/comcomap68359.2025.11353192","is_oa":false,"landing_page_url":"https://doi.org/10.1109/comcomap68359.2025.11353192","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 Computing, Communications and IoT Applications (ComComAp)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W2071319337","https://openalex.org/W2791018263","https://openalex.org/W3012047770","https://openalex.org/W3163844163","https://openalex.org/W3212565000","https://openalex.org/W4210660460","https://openalex.org/W4316658458","https://openalex.org/W4403565155","https://openalex.org/W4412169994"],"related_works":[],"abstract_inverted_index":{"Fuzzing":[0,32],"is":[1,36,83,97],"a":[2,8,105,168],"vulnerability":[3],"testing":[4,50],"approach":[5],"that":[6,107,151],"generates":[7],"large":[9,109],"number":[10],"of":[11,33,38,49,54,67,90,118],"test":[12],"cases":[13],"based":[14],"on":[15,77],"initial":[16,55,128,158],"values":[17],"(initial":[18],"seeds),":[19],"sends":[20],"them":[21],"to":[22,28,85,113,125,172],"the":[23,39,47,52,68,88,115,135,152],"target":[24],"device,":[25],"and":[26,124,139,163],"attempts":[27],"trigger":[29],"unexpected":[30],"behaviors.":[31],"IoT":[34,91,119],"devices":[35,120,136],"one":[37],"effective":[40,127],"ways":[41],"for":[42],"detecting":[43],"unknown":[44],"vulnerabilities.":[45],"From":[46],"perspective":[48],"efficiency,":[51],"set":[53],"seeds":[56,129,159,175],"should":[57],"be":[58],"as":[59,61],"small":[60],"possible":[62],"while":[63],"ensuring":[64],"sufficient":[65],"exploration":[66],"input":[69],"space.":[70],"Conventional":[71],"seed":[72],"selection":[73],"methods":[74],"often":[75],"rely":[76],"source":[78,95,141],"code":[79,96,142],"coverage,":[80],"but":[81],"this":[82,101],"difficult":[84],"apply":[86],"in":[87,167],"context":[89],"devices,":[92],"where":[93],"its":[94],"frequently":[98],"unavailable.":[99],"In":[100],"paper,":[102],"we":[103],"propose":[104],"method":[106,154],"leverages":[108],"language":[110],"models":[111],"(LLMs)":[112],"infer":[114],"internal":[116,144],"specifications":[117],"from":[121,160],"communication":[122],"logs":[123],"select":[126],"among":[130],"candidate":[131],"seeds,":[132],"even":[133],"when":[134],"are":[137,146],"black-box":[138],"neither":[140],"nor":[143],"states":[145],"accessible.":[147],"Experimental":[148],"results":[149],"show":[150],"proposed":[153],"successfully":[155],"selected":[156],"15":[157],"63":[161],"candidates":[162],"detected":[164],"more":[165],"vulnerabilities":[166],"shorter":[169],"time":[170],"compared":[171],"using":[173],"all":[174],"or":[176],"random":[177],"selection.":[178]},"counts_by_year":[],"updated_date":"2026-02-01T03:34:12.195049","created_date":"2026-01-30T00:00:00"}