{"id":"https://openalex.org/W4283205833","doi":"https://doi.org/10.1109/infocom48880.2022.9796755","title":"FUME: Fuzzing Message Queuing Telemetry Transport Brokers","display_name":"FUME: Fuzzing Message Queuing Telemetry Transport Brokers","publication_year":2022,"publication_date":"2022-05-02","ids":{"openalex":"https://openalex.org/W4283205833","doi":"https://doi.org/10.1109/infocom48880.2022.9796755"},"language":"en","primary_location":{"id":"doi:10.1109/infocom48880.2022.9796755","is_oa":false,"landing_page_url":"https://doi.org/10.1109/infocom48880.2022.9796755","pdf_url":null,"source":{"id":"https://openalex.org/S4363607980","display_name":"IEEE INFOCOM 2022 - IEEE Conference on Computer Communications","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE INFOCOM 2022 - IEEE Conference on Computer Communications","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5053553094","display_name":"Bryan Pearson","orcid":null},"institutions":[{"id":"https://openalex.org/I106165777","display_name":"University of Central Florida","ror":"https://ror.org/036nfer12","country_code":"US","type":"education","lineage":["https://openalex.org/I106165777"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Bryan Pearson","raw_affiliation_strings":["University of Central Florida,Dept. of Computer Science,USA","Dept. of Computer Science, University of Central Florida, USA"],"affiliations":[{"raw_affiliation_string":"University of Central Florida,Dept. of Computer Science,USA","institution_ids":["https://openalex.org/I106165777"]},{"raw_affiliation_string":"Dept. of Computer Science, University of Central Florida, USA","institution_ids":["https://openalex.org/I106165777"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100333755","display_name":"Yue Zhang","orcid":"https://orcid.org/0000-0002-7786-0231"},"institutions":[{"id":"https://openalex.org/I34949971","display_name":"University of Jinan","ror":"https://ror.org/02mjz6f26","country_code":"CN","type":"education","lineage":["https://openalex.org/I34949971"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yue Zhang","raw_affiliation_strings":["Jinan University,Dept. of Computer Science","Dept. of Computer Science, Jinan University"],"affiliations":[{"raw_affiliation_string":"Jinan University,Dept. of Computer Science","institution_ids":["https://openalex.org/I34949971"]},{"raw_affiliation_string":"Dept. of Computer Science, Jinan University","institution_ids":["https://openalex.org/I34949971"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052179538","display_name":"Cliff C. Zou","orcid":"https://orcid.org/0000-0003-4229-6957"},"institutions":[{"id":"https://openalex.org/I106165777","display_name":"University of Central Florida","ror":"https://ror.org/036nfer12","country_code":"US","type":"education","lineage":["https://openalex.org/I106165777"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Cliff Zou","raw_affiliation_strings":["University of Central Florida,Dept. of Computer Science,USA","Dept. of Computer Science, University of Central Florida, USA"],"affiliations":[{"raw_affiliation_string":"University of Central Florida,Dept. of Computer Science,USA","institution_ids":["https://openalex.org/I106165777"]},{"raw_affiliation_string":"Dept. of Computer Science, University of Central Florida, USA","institution_ids":["https://openalex.org/I106165777"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5063375840","display_name":"Xinwen Fu","orcid":"https://orcid.org/0000-0003-2391-7789"},"institutions":[{"id":"https://openalex.org/I133738476","display_name":"University of Massachusetts Lowell","ror":"https://ror.org/03hamhx47","country_code":"US","type":"education","lineage":["https://openalex.org/I133738476"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xinwen Fu","raw_affiliation_strings":["University of Massachusetts,Dept. of Computer Science,Lowell,MA,USA","Dept. of Computer Science, University of Massachusetts, Lowell, MA, USA"],"affiliations":[{"raw_affiliation_string":"University of Massachusetts,Dept. of Computer Science,Lowell,MA,USA","institution_ids":["https://openalex.org/I133738476"]},{"raw_affiliation_string":"Dept. of Computer Science, University of Massachusetts, Lowell, MA, USA","institution_ids":["https://openalex.org/I133738476"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5053553094"],"corresponding_institution_ids":["https://openalex.org/I106165777"],"apc_list":null,"apc_paid":null,"fwci":1.5105,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.8190709,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1699","last_page":"1708"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9943124651908875},{"id":"https://openalex.org/keywords/mqtt","display_name":"MQTT","score":0.9688982367515564},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8087159991264343},{"id":"https://openalex.org/keywords/message-queue","display_name":"Message queue","score":0.8038486242294312},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.5921710729598999},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.31569331884384155},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.30749303102493286},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.21747204661369324},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.08245304226875305}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9943124651908875},{"id":"https://openalex.org/C132868160","wikidata":"https://www.wikidata.org/wiki/Q10322548","display_name":"MQTT","level":3,"score":0.9688982367515564},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8087159991264343},{"id":"https://openalex.org/C26324664","wikidata":"https://www.wikidata.org/wiki/Q1065525","display_name":"Message queue","level":2,"score":0.8038486242294312},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.5921710729598999},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.31569331884384155},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.30749303102493286},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.21747204661369324},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.08245304226875305}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/infocom48880.2022.9796755","is_oa":false,"landing_page_url":"https://doi.org/10.1109/infocom48880.2022.9796755","pdf_url":null,"source":{"id":"https://openalex.org/S4363607980","display_name":"IEEE INFOCOM 2022 - IEEE Conference on Computer Communications","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE INFOCOM 2022 - IEEE Conference on Computer Communications","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W2574017551","https://openalex.org/W2612809042","https://openalex.org/W2613534458","https://openalex.org/W2701082322","https://openalex.org/W2701225458","https://openalex.org/W2752340395","https://openalex.org/W2766540688","https://openalex.org/W2777430404","https://openalex.org/W2779139350","https://openalex.org/W2791018263","https://openalex.org/W2794081682","https://openalex.org/W2794670092","https://openalex.org/W2795192879","https://openalex.org/W2806377938","https://openalex.org/W2888875512","https://openalex.org/W2902193279","https://openalex.org/W2964097210","https://openalex.org/W3015797940","https://openalex.org/W3047947484","https://openalex.org/W3106010854","https://openalex.org/W6749689483","https://openalex.org/W6753913213"],"related_works":["https://openalex.org/W3045756776","https://openalex.org/W2808909086","https://openalex.org/W3171371974","https://openalex.org/W2594893198","https://openalex.org/W2920851310","https://openalex.org/W2782567402","https://openalex.org/W3191127435","https://openalex.org/W4392109326","https://openalex.org/W4214846370","https://openalex.org/W4283205833"],"abstract_inverted_index":{"Message":[0],"Queuing":[1],"Telemetry":[2],"Transport":[3],"(MQTT)":[4],"is":[5,44],"a":[6,30,56,105,113],"popular":[7,157],"communication":[8],"protocol":[9,80],"used":[10],"to":[11,75,104,122],"interconnect":[12],"devices":[13],"with":[14,164],"considerable":[15],"network":[16,118],"restraints,":[17],"such":[18,169],"as":[19,170],"those":[20],"found":[21,135],"in":[22,84],"Internet":[23],"of":[24,33,39,67],"Things":[25],"(IoT).":[26],"MQTT":[27,79,142,158],"directly":[28],"impacts":[29],"large":[31],"number":[32],"devices,":[34],"but":[35],"the":[36,78,100,130],"software":[37],"security":[38],"its":[40],"server":[41],"(\"broker\")":[42],"implementations":[43],"not":[45],"well":[46],"studied.":[47],"In":[48,132],"this":[49],"paper,":[50],"we":[51,134],"design,":[52],"implement,":[53],"and":[54,71,81,94,119,148,172],"evaluate":[55],"novel":[57,114],"fuzz":[58],"testing":[59],"model":[60,99],"for":[61,90],"MQTT.":[62],"The":[63],"fuzzer":[64,161],"combines":[65],"aspects":[66],"mutation":[68,91],"guided":[69,73,92,96],"fuzzing":[70,74,93,97,101,155,167],"generation":[72,95],"rigorously":[76],"exhaust":[77],"identify":[82],"vulnerabilities":[83,138,147],"servers.":[85],"We":[86,109,151],"introduce":[87],"Markov":[88],"chains":[89],"that":[98,153],"engine":[102],"according":[103],"finite":[106],"Bernoulli":[107],"process.":[108],"implement":[110],"\"response":[111],"feedback\",":[112],"technique":[115],"which":[116,124],"monitors":[117],"console":[120],"activity":[121],"learn":[123],"inputs":[125],"trigger":[126],"new":[127],"responses":[128],"from":[129],"broker.":[131],"total,":[133],"7":[136],"major":[137],"across":[139],"9":[140],"different":[141],"implementations,":[143],"including":[144],"6":[145],"zero-day":[146],"2":[149],"CVEs.":[150],"show":[152],"when":[154],"these":[156],"targets,":[159],"our":[160],"compares":[162],"favorably":[163],"other":[165],"state-of-the-art":[166],"frameworks,":[168],"BooFuzz":[171],"AFLNet.":[173]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":4}],"updated_date":"2026-03-26T15:22:09.906841","created_date":"2025-10-10T00:00:00"}