{"id":"https://openalex.org/W4416962055","doi":"https://doi.org/10.1109/pst65910.2025.11268882","title":"TFVDFuzzer: Transformer-based Fuzzing Framework for Vulnerability Detection in Modbus Protocol","display_name":"TFVDFuzzer: Transformer-based Fuzzing Framework for Vulnerability Detection in Modbus Protocol","publication_year":2025,"publication_date":"2025-08-26","ids":{"openalex":"https://openalex.org/W4416962055","doi":"https://doi.org/10.1109/pst65910.2025.11268882"},"language":null,"primary_location":{"id":"doi:10.1109/pst65910.2025.11268882","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pst65910.2025.11268882","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 22nd Annual International Conference on Privacy, Security, and Trust (PST)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101986657","display_name":"Ahmed Reda","orcid":"https://orcid.org/0000-0002-5920-3553"},"institutions":[{"id":"https://openalex.org/I188329596","display_name":"University of Canberra","ror":"https://ror.org/04s1nv328","country_code":"AU","type":"education","lineage":["https://openalex.org/I188329596"]},{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Ahmed Reda Aldysty","raw_affiliation_strings":["University of New South Wales,School of Systems and Computing,Canberra,Australia"],"affiliations":[{"raw_affiliation_string":"University of New South Wales,School of Systems and Computing,Canberra,Australia","institution_ids":["https://openalex.org/I188329596","https://openalex.org/I31746571"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089327837","display_name":"Nour Moustafa","orcid":"https://orcid.org/0000-0001-6127-9349"},"institutions":[{"id":"https://openalex.org/I188329596","display_name":"University of Canberra","ror":"https://ror.org/04s1nv328","country_code":"AU","type":"education","lineage":["https://openalex.org/I188329596"]},{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Nour Moustafa","raw_affiliation_strings":["University of New South Wales,School of Systems and Computing,Canberra,Australia"],"affiliations":[{"raw_affiliation_string":"University of New South Wales,School of Systems and Computing,Canberra,Australia","institution_ids":["https://openalex.org/I188329596","https://openalex.org/I31746571"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5031370692","display_name":"Erandi Lakshika","orcid":"https://orcid.org/0000-0002-1132-3492"},"institutions":[{"id":"https://openalex.org/I188329596","display_name":"University of Canberra","ror":"https://ror.org/04s1nv328","country_code":"AU","type":"education","lineage":["https://openalex.org/I188329596"]},{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Erandi Lakshika","raw_affiliation_strings":["University of New South Wales,School of Systems and Computing,Canberra,Australia"],"affiliations":[{"raw_affiliation_string":"University of New South Wales,School of Systems and Computing,Canberra,Australia","institution_ids":["https://openalex.org/I188329596","https://openalex.org/I31746571"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5101986657"],"corresponding_institution_ids":["https://openalex.org/I188329596","https://openalex.org/I31746571"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.36832487,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"10"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.826200008392334,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.826200008392334,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.04039999842643738,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.01759999990463257,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9818000197410583},{"id":"https://openalex.org/keywords/modbus","display_name":"Modbus","score":0.6554999947547913},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.47859999537467957},{"id":"https://openalex.org/keywords/benchmark","display_name":"Benchmark (surveying)","score":0.4153999984264374},{"id":"https://openalex.org/keywords/test-case","display_name":"Test case","score":0.4115000069141388},{"id":"https://openalex.org/keywords/resampling","display_name":"Resampling","score":0.37959998846054077},{"id":"https://openalex.org/keywords/byte","display_name":"Byte","score":0.3767000138759613},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.3666999936103821}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9818000197410583},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.718999981880188},{"id":"https://openalex.org/C2776666747","wikidata":"https://www.wikidata.org/wiki/Q1135322","display_name":"Modbus","level":3,"score":0.6554999947547913},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.47859999537467957},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.43880000710487366},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.4153999984264374},{"id":"https://openalex.org/C128942645","wikidata":"https://www.wikidata.org/wiki/Q1568346","display_name":"Test case","level":3,"score":0.4115000069141388},{"id":"https://openalex.org/C150921843","wikidata":"https://www.wikidata.org/wiki/Q1170431","display_name":"Resampling","level":2,"score":0.37959998846054077},{"id":"https://openalex.org/C43364308","wikidata":"https://www.wikidata.org/wiki/Q8799","display_name":"Byte","level":2,"score":0.3767000138759613},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.3666999936103821},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.35690000653266907},{"id":"https://openalex.org/C40842320","wikidata":"https://www.wikidata.org/wiki/Q19423","display_name":"Buffer overflow","level":2,"score":0.3441999852657318},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.3142000138759613},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.3140999972820282},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3041999936103821},{"id":"https://openalex.org/C53942775","wikidata":"https://www.wikidata.org/wiki/Q1211721","display_name":"Code coverage","level":3,"score":0.28139999508857727},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.2793000042438507},{"id":"https://openalex.org/C16910744","wikidata":"https://www.wikidata.org/wiki/Q7705759","display_name":"Test data","level":2,"score":0.2718000113964081},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.2556000053882599},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2556000053882599},{"id":"https://openalex.org/C2777267654","wikidata":"https://www.wikidata.org/wiki/Q3519023","display_name":"Test (biology)","level":2,"score":0.25529998540878296},{"id":"https://openalex.org/C48105269","wikidata":"https://www.wikidata.org/wiki/Q1141160","display_name":"Header","level":2,"score":0.25220000743865967}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/pst65910.2025.11268882","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pst65910.2025.11268882","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 22nd Annual International Conference on Privacy, Security, and Trust (PST)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W2033742178","https://openalex.org/W2701225458","https://openalex.org/W2883395840","https://openalex.org/W2941716495","https://openalex.org/W2972624025","https://openalex.org/W2976212499","https://openalex.org/W2977414522","https://openalex.org/W2979357014","https://openalex.org/W3004663645","https://openalex.org/W3007882214","https://openalex.org/W3026584300","https://openalex.org/W3033609135","https://openalex.org/W3037044296","https://openalex.org/W3072699177","https://openalex.org/W3121931708","https://openalex.org/W3126291053","https://openalex.org/W3128032258","https://openalex.org/W3146366485","https://openalex.org/W3188005927","https://openalex.org/W3192298756","https://openalex.org/W3201776251","https://openalex.org/W4210660460","https://openalex.org/W4285301025","https://openalex.org/W4294975711","https://openalex.org/W4306965903","https://openalex.org/W4353094058","https://openalex.org/W4377009180","https://openalex.org/W4382941062","https://openalex.org/W4385245566","https://openalex.org/W4388040098","https://openalex.org/W4390241187","https://openalex.org/W4391136507","https://openalex.org/W4391724785","https://openalex.org/W4392888376","https://openalex.org/W4396796765","https://openalex.org/W4396853081"],"related_works":[],"abstract_inverted_index":{"The":[0,193],"development":[1],"of":[2,41,63,66,93,119,147,189,218,229,255,263],"industrial":[3],"control":[4],"systems":[5],"(ICS)":[6],"has":[7],"led":[8],"to":[9,20,37,59,87,131,143,178,185,225,259],"security":[10],"vulnerabilities":[11,31],"in":[12,74,109],"ICS":[13,148],"protocols,":[14],"which":[15,114],"have":[16,52,123],"caused":[17],"significant":[18,209],"threats":[19],"these":[21,133],"systems.":[22],"Fuzzing":[23],"is":[24,195],"a":[25,38,125,169,198,212,249],"highly":[26],"effective":[27],"technique":[28],"for":[29,183],"detecting":[30],"by":[32],"exposing":[33],"the":[34,60,78,89,94,110,117,140,145,156,161,180,187,190],"target":[35],"program":[36],"large":[39],"volume":[40],"malformed":[42],"and":[43,51,56,68,91,97,159,206,241,248,268],"unexpected":[44],"input.":[45],"Traditional":[46],"fuzzing":[47,83,127,157],"methods":[48,84],"are":[49,85],"time-consuming":[50],"low":[53,107],"acceptance":[54,164],"rates":[55],"coverage":[57],"due":[58],"manual":[61],"extraction":[62],"specifications,":[64,150],"lack":[65],"guidance,":[67],"blind":[69],"mutations,":[70],"limiting":[71],"their":[72,226,260],"efficiency":[73],"discovering":[75],"vulnerabilities.":[76,121],"Currently,":[77],"Generative":[79],"Adversarial":[80],"Network":[81],"(GAN)-based":[82],"used":[86,168],"learn":[88],"syntax":[90],"format":[92],"input":[95],"data":[96],"generate":[98],"valid":[99],"test":[100,112,162,191],"cases.":[101,192],"However,":[102],"they":[103],"still":[104],"suffer":[105],"from":[106],"diversity":[108,188],"generated":[111],"cases,":[113],"can":[115],"affect":[116],"potential":[118],"triggering":[120],"We":[122],"proposed":[124],"transformerbased":[126],"framework":[128],"called":[129],"TFVDFuzzer":[130,194],"solve":[132],"issues.":[134],"In":[135],"this":[136],"framework,":[137],"we":[138,167],"leverage":[139],"Transformer":[141],"model":[142,172],"automate":[144],"learning":[146,171],"protocol":[149],"especially":[151],"Modbus,":[152],"significantly":[153],"speeding":[154],"up":[155],"process":[158],"enhancing":[160],"case":[163],"rate.":[165],"Furthermore,":[166],"deep":[170],"that":[173],"employs":[174],"an":[175],"attention":[176],"mechanism":[177],"determine":[179],"appropriate":[181],"bytes":[182],"mutations":[184],"enhance":[186],"assessed":[196],"using":[197],"benchmark":[199],"Modbus":[200],"dataset.":[201],"It":[202],"outperforms":[203],"Peach,":[204],"Fuzzowski,":[205],"NCMFuzzer":[207],"with":[208],"improvements,":[210],"achieving":[211],"Test":[213,250],"Case":[214],"Reception":[215],"Rate":[216,253],"(TCRR)":[217],"$\\mathbf{9":[219,242],"8.":[220],"1":[221],"5":[222,245],"\\%}$":[223],"compared":[224],"highest":[227,261],"values":[228,262],"$\\mathbf{5":[230],"1.":[231],"4":[232],"2":[233,239,244],"\\%,":[234,265],"~}":[235],"\\mathbf{6":[236],"9.":[237],"0":[238],"\\%}$,":[240,246],"4.":[243],"respectively,":[247],"System":[251],"Anomaly":[252],"(TSAR)":[254],"$3.1":[256],"\\%$":[257],"relative":[258],"$0.445":[264],"0.475":[266],"\\%$,":[267,270],"$0.96":[269],"respectively.":[271]},"counts_by_year":[],"updated_date":"2026-04-17T18:11:37.981687","created_date":"2025-12-03T00:00:00"}