{"id":"https://openalex.org/W4405182775","doi":"https://doi.org/10.1145/3658644.3670342","title":"<scp>RIoTFuzzer:</scp> Companion App Assisted Remote Fuzzing for Detecting Vulnerabilities in IoT Devices","display_name":"<scp>RIoTFuzzer:</scp> Companion App Assisted Remote Fuzzing for Detecting Vulnerabilities in IoT Devices","publication_year":2024,"publication_date":"2024-12-02","ids":{"openalex":"https://openalex.org/W4405182775","doi":"https://doi.org/10.1145/3658644.3670342"},"language":"en","primary_location":{"id":"doi:10.1145/3658644.3670342","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3670342","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670342","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670342","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Kaizheng Liu","orcid":"https://orcid.org/0000-0003-1721-7508"},"institutions":[{"id":"https://openalex.org/I76569877","display_name":"Southeast University","ror":"https://ror.org/04ct4d772","country_code":"CN","type":"education","lineage":["https://openalex.org/I76569877"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Kaizheng Liu","raw_affiliation_strings":["Southeast University, Nanjing, Jiangsu, China"],"raw_orcid":"https://orcid.org/0000-0003-1721-7508","affiliations":[{"raw_affiliation_string":"Southeast University, Nanjing, Jiangsu, China","institution_ids":["https://openalex.org/I76569877"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100708940","display_name":"Ming Yang","orcid":"https://orcid.org/0000-0002-8209-1000"},"institutions":[{"id":"https://openalex.org/I76569877","display_name":"Southeast University","ror":"https://ror.org/04ct4d772","country_code":"CN","type":"education","lineage":["https://openalex.org/I76569877"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ming Yang","raw_affiliation_strings":["Southeast University, Nanjing, Jiangsu, China"],"raw_orcid":"https://orcid.org/0000-0002-8209-1000","affiliations":[{"raw_affiliation_string":"Southeast University, Nanjing, Jiangsu, China","institution_ids":["https://openalex.org/I76569877"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044255077","display_name":"Zhen Ling","orcid":"https://orcid.org/0000-0001-9691-8702"},"institutions":[{"id":"https://openalex.org/I76569877","display_name":"Southeast University","ror":"https://ror.org/04ct4d772","country_code":"CN","type":"education","lineage":["https://openalex.org/I76569877"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhen Ling","raw_affiliation_strings":["Southeast University, Nanjing, Jiangsu, China"],"raw_orcid":"https://orcid.org/0000-0001-9691-8702","affiliations":[{"raw_affiliation_string":"Southeast University, Nanjing, Jiangsu, China","institution_ids":["https://openalex.org/I76569877"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100333755","display_name":"Yue Zhang","orcid":"https://orcid.org/0000-0002-7786-0231"},"institutions":[{"id":"https://openalex.org/I72816309","display_name":"Drexel University","ror":"https://ror.org/04bdffz58","country_code":"US","type":"education","lineage":["https://openalex.org/I72816309"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yue Zhang","raw_affiliation_strings":["Drexel University, Philadelphia, PA, USA"],"raw_orcid":"https://orcid.org/0000-0002-7786-0231","affiliations":[{"raw_affiliation_string":"Drexel University, Philadelphia, PA, USA","institution_ids":["https://openalex.org/I72816309"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058001707","display_name":"Chongqing Lei","orcid":null},"institutions":[{"id":"https://openalex.org/I76569877","display_name":"Southeast University","ror":"https://ror.org/04ct4d772","country_code":"CN","type":"education","lineage":["https://openalex.org/I76569877"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chongqing Lei","raw_affiliation_strings":["Southeast University, Nanjing, Jiangsu, China"],"raw_orcid":"https://orcid.org/0009-0003-4737-9732","affiliations":[{"raw_affiliation_string":"Southeast University, Nanjing, Jiangsu, China","institution_ids":["https://openalex.org/I76569877"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045275291","display_name":"Junzhou Luo","orcid":"https://orcid.org/0000-0001-7518-4367"},"institutions":[{"id":"https://openalex.org/I76569877","display_name":"Southeast University","ror":"https://ror.org/04ct4d772","country_code":"CN","type":"education","lineage":["https://openalex.org/I76569877"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Junzhou Luo","raw_affiliation_strings":["Southeast University, Nanjing, Jiangsu, China"],"raw_orcid":"https://orcid.org/0000-0001-7518-4367","affiliations":[{"raw_affiliation_string":"Southeast University, Nanjing, Jiangsu, China","institution_ids":["https://openalex.org/I76569877"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5063375840","display_name":"Xinwen Fu","orcid":"https://orcid.org/0000-0003-2391-7789"},"institutions":[{"id":"https://openalex.org/I133738476","display_name":"University of Massachusetts Lowell","ror":"https://ror.org/03hamhx47","country_code":"US","type":"education","lineage":["https://openalex.org/I133738476"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xinwen Fu","raw_affiliation_strings":["University of Massachusetts Lowell, Lowell, MA, USA"],"raw_orcid":"https://orcid.org/0000-0003-2391-7789","affiliations":[{"raw_affiliation_string":"University of Massachusetts Lowell, Lowell, MA, USA","institution_ids":["https://openalex.org/I133738476"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":7,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.7156,"has_fulltext":true,"cited_by_count":9,"citation_normalized_percentile":{"value":0.91609281,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"2341","last_page":"2354"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9318946599960327},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6660071611404419},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.6428700685501099},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.39068832993507385},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.32444125413894653},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.214748352766037},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.08101332187652588}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9318946599960327},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6660071611404419},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.6428700685501099},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.39068832993507385},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.32444125413894653},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.214748352766037},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.08101332187652588}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3658644.3670342","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3670342","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670342","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3658644.3670342","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3670342","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670342","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2635751390","display_name":null,"funder_award_id":"BM2003201","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3119304389","display_name":null,"funder_award_id":"93K-9","funder_id":"https://openalex.org/F4320335628","funder_display_name":"Key Laboratory of Computer Network and Information Integration"},{"id":"https://openalex.org/G36496830","display_name":null,"funder_award_id":"62232004","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G4319099995","display_name":null,"funder_award_id":"93K-9","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5554206936","display_name":null,"funder_award_id":"93K-9","funder_id":"https://openalex.org/F4320321106","funder_display_name":"Ministry of Education of the People's Republic of China"},{"id":"https://openalex.org/G6462206956","display_name":"\u57fa\u4e8e\u516c\u5171\u533f\u540d\u7f51\u7edc\u7684\u9690\u79c1\u589e\u5f3a\u901a\u4fe1\u6280\u672f\u7814\u7a76","funder_award_id":"62072103","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6833359986","display_name":null,"funder_award_id":"1931871","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7382607216","display_name":null,"funder_award_id":"BM2003201","funder_id":"https://openalex.org/F4320321106","funder_display_name":"Ministry of Education of the People's Republic of China"},{"id":"https://openalex.org/G8735051588","display_name":null,"funder_award_id":"BM2003201","funder_id":"https://openalex.org/F4320335628","funder_display_name":"Key Laboratory of Computer Network and Information Integration"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320321106","display_name":"Ministry of Education of the People's Republic of China","ror":"https://ror.org/01mv9t934"},{"id":"https://openalex.org/F4320335628","display_name":"Key Laboratory of Computer Network and Information Integration","ror":null}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4405182775.pdf","grobid_xml":"https://content.openalex.org/works/W4405182775.grobid-xml"},"referenced_works_count":21,"referenced_works":["https://openalex.org/W2091939272","https://openalex.org/W2144271133","https://openalex.org/W2619405973","https://openalex.org/W2774161712","https://openalex.org/W2791018263","https://openalex.org/W2794648377","https://openalex.org/W2929305171","https://openalex.org/W2938295127","https://openalex.org/W2983028905","https://openalex.org/W3015797940","https://openalex.org/W3095263801","https://openalex.org/W3097802856","https://openalex.org/W3155102819","https://openalex.org/W3212565000","https://openalex.org/W4239249613","https://openalex.org/W4285490418","https://openalex.org/W4308391531","https://openalex.org/W4380926575","https://openalex.org/W4384302769","https://openalex.org/W4388857088","https://openalex.org/W4388858806"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2511770387","https://openalex.org/W3120811337","https://openalex.org/W2766647240","https://openalex.org/W4385301282","https://openalex.org/W2990186179","https://openalex.org/W4210660460","https://openalex.org/W3203597304"],"abstract_inverted_index":{"Due":[0],"to":[1,37,58,69,104,145,158,210],"the":[2,46,50,112,124,148,176,184,204],"diversity":[3],"of":[4,8,10,25,48,108,114,150,170,206,217,223],"architectures":[5],"and":[6,142,165,186,219],"peripherals":[7],"Internet":[9],"Things":[11],"(IoT)":[12],"systems,":[13],"blackbox":[14,29,98],"fuzzing":[15,30,40,99,144,151,200,207],"stands":[16],"out":[17],"as":[18,88],"a":[19,96,220],"prime":[20],"option":[21],"for":[22,138],"discovering":[23],"vulnerabilities":[24,107],"IoT":[26,109,152,160,211],"devices.":[27],"Existing":[28],"tools":[31],"often":[32],"rely":[33,62],"on":[34,63,73,162],"companion":[35,78,115],"apps":[36],"generate":[38],"valid":[39],"packets.":[41],"However,":[42],"existing":[43],"methods":[44],"encounter":[45],"challenges":[47,149],"bypassing":[49],"cloud":[51],"server":[52],"side":[53],"validation":[54],"when":[55],"it":[56],"comes":[57],"fuzz":[59],"devices":[60,110,153,161],"that":[61,198],"cloud-based":[64],"communication.":[65],"Moreover,":[66],"they":[67],"tend":[68],"concentrate":[70],"their":[71,81],"efforts":[72],"Java":[74],"components":[75,86],"within":[76],"Android":[77],"apps,":[79,116],"limiting":[80],"effectiveness":[82],"in":[83],"assessing":[84],"non-Java":[85],"such":[87],"JavaScript-based":[89,125],"mini-apps.":[90],"In":[91],"this":[92],"paper,":[93],"we":[94],"introduce":[95],"novel":[97],"method,":[100],"named":[101],"RIoTFuzzer,":[102],"designed":[103],"remotely":[105],"uncover":[106],"with":[111,123,213],"assistance":[113],"particularly":[117],"those":[118],"powered":[119],"by":[120,175,183],"All-in-one":[121],"Apps":[122],"mini-apps":[126],"feature":[127],"enabled.":[128],"Our":[129,193],"approach":[130],"utilizes":[131],"document-based":[132],"control":[133],"command":[134],"extraction,":[135],"hybrid":[136],"analysis":[137],"mutation":[139],"point":[140],"identification":[141],"side-channel-guided":[143,199],"effectively":[146],"address":[147],"remotely.":[154],"We":[155],"apply":[156],"RIoTFuzzer":[157],"27":[159],"prominent":[163],"platforms":[164],"discovered":[166],"11":[167],"vulnerabilities.":[168],"All":[169],"them":[171],"have":[172,180,187],"been":[173,181,188],"acknowledged":[174],"corresponding":[177],"vendors.":[178],"8":[179],"confirmed":[182],"vendors":[185],"assigned":[189],"4":[190],"CVE":[191],"IDs.":[192],"experiment":[194],"results":[195],"also":[196],"demonstrate":[197],"can":[201],"significantly":[202],"enhance":[203],"efficiency":[205],"packets":[208],"sent":[209],"devices,":[212],"an":[214],"average":[215],"increase":[216,222],"76.62%":[218],"maximum":[221],"362.62%.":[224]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":1}],"updated_date":"2026-06-19T17:40:00.097472","created_date":"2025-10-10T00:00:00"}