{"id":"https://openalex.org/W4402954308","doi":"https://doi.org/10.1145/3658644.3690274","title":"No Peer, no Cry: Network Application Fuzzing via Fault Injection","display_name":"No Peer, no Cry: Network Application Fuzzing via Fault Injection","publication_year":2024,"publication_date":"2024-12-02","ids":{"openalex":"https://openalex.org/W4402954308","doi":"https://doi.org/10.1145/3658644.3690274"},"language":"en","primary_location":{"id":"doi:10.1145/3658644.3690274","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690274","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690274","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690274","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5053788383","display_name":"Nils Bars","orcid":"https://orcid.org/0009-0001-5179-4002"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Nils Bars","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"],"affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069446947","display_name":"Moritz Schloegel","orcid":"https://orcid.org/0000-0003-1630-1687"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Moritz Schloegel","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"],"affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081483595","display_name":"Nico Schiller","orcid":"https://orcid.org/0009-0004-6401-5989"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Nico Schiller","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"],"affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058085387","display_name":"Lukas Bernhard","orcid":"https://orcid.org/0009-0005-8564-1476"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Lukas Bernhard","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"],"affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5056790702","display_name":"Thorsten Holz","orcid":"https://orcid.org/0000-0002-2783-1264"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Thorsten Holz","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"],"affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany","institution_ids":["https://openalex.org/I4210128801"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5053788383"],"corresponding_institution_ids":["https://openalex.org/I4210128801"],"apc_list":null,"apc_paid":null,"fwci":2.3808,"has_fulltext":true,"cited_by_count":5,"citation_normalized_percentile":{"value":0.90941128,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"750","last_page":"764"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9958999752998352,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9620243906974792},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8615424633026123},{"id":"https://openalex.org/keywords/communications-protocol","display_name":"Communications protocol","score":0.5007078647613525},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4921337962150574},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.47599780559539795},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.44982168078422546},{"id":"https://openalex.org/keywords/peer-to-peer","display_name":"Peer-to-peer","score":0.4236082136631012},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.4187451899051666},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.41616809368133545},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.36330336332321167},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.3567127287387848},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.21970856189727783},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.13713353872299194}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9620243906974792},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8615424633026123},{"id":"https://openalex.org/C12269588","wikidata":"https://www.wikidata.org/wiki/Q132364","display_name":"Communications protocol","level":2,"score":0.5007078647613525},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4921337962150574},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.47599780559539795},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.44982168078422546},{"id":"https://openalex.org/C534932454","wikidata":"https://www.wikidata.org/wiki/Q161410","display_name":"Peer-to-peer","level":2,"score":0.4236082136631012},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.4187451899051666},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.41616809368133545},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.36330336332321167},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.3567127287387848},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.21970856189727783},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.13713353872299194},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3658644.3690274","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690274","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690274","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2409.01059","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2409.01059","pdf_url":"https://arxiv.org/pdf/2409.01059","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"doi:10.1145/3658644.3690274","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690274","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690274","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.8299999833106995}],"awards":[{"id":"https://openalex.org/G2208967777","display_name":null,"funder_award_id":"101045669","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"},{"id":"https://openalex.org/G352791218","display_name":null,"funder_award_id":"(BMBF)","funder_id":"https://openalex.org/F4320321114","funder_display_name":"Bundesministerium f\u00fcr Bildung und Forschung"}],"funders":[{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"},{"id":"https://openalex.org/F4320323817","display_name":"Universitas Brawijaya","ror":"https://ror.org/01wk3d929"}],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4402954308.pdf"},"referenced_works_count":33,"referenced_works":["https://openalex.org/W186035943","https://openalex.org/W1769343819","https://openalex.org/W2124621264","https://openalex.org/W2239183242","https://openalex.org/W2350778671","https://openalex.org/W2868435436","https://openalex.org/W2888875512","https://openalex.org/W2947182139","https://openalex.org/W3020610636","https://openalex.org/W3028360334","https://openalex.org/W3048197573","https://openalex.org/W3101845936","https://openalex.org/W3120111116","https://openalex.org/W3175832761","https://openalex.org/W3194771370","https://openalex.org/W3207926955","https://openalex.org/W3208566226","https://openalex.org/W3212565000","https://openalex.org/W4210759690","https://openalex.org/W4221162427","https://openalex.org/W4251988601","https://openalex.org/W4284706927","https://openalex.org/W4313933079","https://openalex.org/W4400120919","https://openalex.org/W6754412467","https://openalex.org/W6766204418","https://openalex.org/W6781625084","https://openalex.org/W6785717179","https://openalex.org/W6807870364","https://openalex.org/W6810421805","https://openalex.org/W6833780757","https://openalex.org/W6867071929","https://openalex.org/W6902390121"],"related_works":["https://openalex.org/W2511770387","https://openalex.org/W3120811337","https://openalex.org/W2766647240","https://openalex.org/W4385301282","https://openalex.org/W2990186179","https://openalex.org/W4210660460","https://openalex.org/W3203597304","https://openalex.org/W4248424560","https://openalex.org/W3119380829","https://openalex.org/W3047641002"],"abstract_inverted_index":{"Network-facing":[0],"applications":[1,25],"are":[2],"commonly":[3],"exposed":[4],"to":[5,13,32,38,48,57,65,112,130],"all":[6],"kinds":[7],"of":[8,60,91,98,133],"attacks,":[9],"especially":[10],"when":[11],"connected":[12],"the":[14,61,82,88,96,120],"internet.":[15],"As":[16],"a":[17],"result,":[18],"web":[19],"servers":[20],"like":[21],"Nginx":[22],"or":[23,104,116],"client":[24],"such":[26],"as":[27,53],"curl":[28],"make":[29],"every":[30],"effort":[31],"secure":[33],"and":[34,95,127],"harden":[35],"their":[36],"code":[37],"rule":[39],"out":[40],"memory":[41],"safety":[42],"violations.":[43],"One":[44],"would":[45],"expect":[46],"this":[47],"include":[49],"regular":[50],"fuzz":[51],"testing,":[52],"fuzzing":[54,77],"has":[55,74],"proven":[56],"be":[58],"one":[59],"most":[62],"successful":[63],"approaches":[64],"uncovering":[66],"bugs":[67],"in":[68],"software.":[69],"Yet,":[70],"surprisingly":[71],"little":[72],"research":[73],"focused":[75],"on":[76,119],"network":[78],"applications.":[79],"When":[80],"studying":[81],"underlying":[83],"reasons,":[84],"we":[85],"find":[86],"that":[87],"interactive":[89],"nature":[90],"communication,":[92],"its":[93],"statefulness,":[94],"protection":[97],"exchanged":[99],"messages":[100,115],"(e.g.,":[101],"via":[102],"encryption":[103],"cryptographic":[105],"signatures)":[106],"render":[107],"typical":[108],"fuzzers":[109],"ineffective.":[110],"Attempts":[111],"replay":[113],"recorded":[114],"modify":[117],"them":[118],"fly":[121],"only":[122],"work":[123],"for":[124],"specific":[125],"targets":[126],"often":[128],"lead":[129],"early":[131],"termination":[132],"communication.":[134]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":1}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}