{"id":"https://openalex.org/W7154567827","doi":"https://doi.org/10.1145/3803525.3804980","title":"Fuzzing Cross-Chain Vulnerabilities with BridgeFuzz","display_name":"Fuzzing Cross-Chain Vulnerabilities with BridgeFuzz","publication_year":2026,"publication_date":"2026-04-16","ids":{"openalex":"https://openalex.org/W7154567827","doi":"https://doi.org/10.1145/3803525.3804980"},"language":null,"primary_location":{"id":"doi:10.1145/3803525.3804980","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3803525.3804980","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 19th European Workshop on Systems Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3803525.3804980","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5081189339","display_name":"Pascal Winkler","orcid":"https://orcid.org/0009-0002-8324-4993"},"institutions":[{"id":"https://openalex.org/I62318514","display_name":"University of Duisburg-Essen","ror":"https://ror.org/04mz5ra38","country_code":"DE","type":"education","lineage":["https://openalex.org/I62318514"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Pascal Winkler","raw_affiliation_strings":["paluno - the Ruhr Institute for Software Technology, University of Duisburg-Essen, Essen, Germany"],"raw_orcid":"https://orcid.org/0009-0002-8324-4993","affiliations":[{"raw_affiliation_string":"paluno - the Ruhr Institute for Software Technology, University of Duisburg-Essen, Essen, Germany","institution_ids":["https://openalex.org/I62318514"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5120610207","display_name":"Christian Scholz","orcid":"https://orcid.org/0009-0003-2601-2202"},"institutions":[{"id":"https://openalex.org/I62318514","display_name":"University of Duisburg-Essen","ror":"https://ror.org/04mz5ra38","country_code":"DE","type":"education","lineage":["https://openalex.org/I62318514"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Christian Scholz","raw_affiliation_strings":["paluno - the Ruhr Institute for Software Technology, University of Duisburg-Essen, Essen, Germany"],"raw_orcid":"https://orcid.org/0009-0003-2601-2202","affiliations":[{"raw_affiliation_string":"paluno - the Ruhr Institute for Software Technology, University of Duisburg-Essen, Essen, Germany","institution_ids":["https://openalex.org/I62318514"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5013395070","display_name":"Jens-Rene Giesen","orcid":"https://orcid.org/0009-0004-0685-6237"},"institutions":[{"id":"https://openalex.org/I62318514","display_name":"University of Duisburg-Essen","ror":"https://ror.org/04mz5ra38","country_code":"DE","type":"education","lineage":["https://openalex.org/I62318514"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jens-Rene Giesen","raw_affiliation_strings":["paluno - the Ruhr Institute for Software Technology, University of Duisburg-Essen, Essen, Germany"],"raw_orcid":"https://orcid.org/0009-0004-0685-6237","affiliations":[{"raw_affiliation_string":"paluno - the Ruhr Institute for Software Technology, University of Duisburg-Essen, Essen, Germany","institution_ids":["https://openalex.org/I62318514"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008663787","display_name":"Noah Kappert","orcid":null},"institutions":[{"id":"https://openalex.org/I62318514","display_name":"University of Duisburg-Essen","ror":"https://ror.org/04mz5ra38","country_code":"DE","type":"education","lineage":["https://openalex.org/I62318514"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Noah Kappert","raw_affiliation_strings":["paluno - the Ruhr Institute for Software Technology, University of Duisburg-Essen, Essen, Germany"],"raw_orcid":"https://orcid.org/0009-0004-0166-1625","affiliations":[{"raw_affiliation_string":"paluno - the Ruhr Institute for Software Technology, University of Duisburg-Essen, Essen, Germany","institution_ids":["https://openalex.org/I62318514"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5089242868","display_name":"Lucas Davi","orcid":"https://orcid.org/0000-0002-7322-2777"},"institutions":[{"id":"https://openalex.org/I62318514","display_name":"University of Duisburg-Essen","ror":"https://ror.org/04mz5ra38","country_code":"DE","type":"education","lineage":["https://openalex.org/I62318514"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Lucas Davi","raw_affiliation_strings":["paluno - the Ruhr Institute for Software Technology, University of Duisburg-Essen, Essen, Germany"],"raw_orcid":"https://orcid.org/0000-0002-7322-2777","affiliations":[{"raw_affiliation_string":"paluno - the Ruhr Institute for Software Technology, University of Duisburg-Essen, Essen, Germany","institution_ids":["https://openalex.org/I62318514"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5081189339"],"corresponding_institution_ids":["https://openalex.org/I62318514"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.82744326,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"81","last_page":"88"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.1543000042438507,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.1543000042438507,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.15299999713897705,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.15070000290870667,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.8646000027656555},{"id":"https://openalex.org/keywords/interoperability","display_name":"Interoperability","score":0.6489999890327454},{"id":"https://openalex.org/keywords/bridging","display_name":"Bridging (networking)","score":0.5849999785423279},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5767999887466431},{"id":"https://openalex.org/keywords/bridge","display_name":"Bridge (graph theory)","score":0.4465000033378601},{"id":"https://openalex.org/keywords/asset","display_name":"Asset (computer security)","score":0.4456999897956848},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.43389999866485596},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.4244999885559082}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.8646000027656555},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6872000098228455},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.656000018119812},{"id":"https://openalex.org/C20136886","wikidata":"https://www.wikidata.org/wiki/Q749647","display_name":"Interoperability","level":2,"score":0.6489999890327454},{"id":"https://openalex.org/C174348530","wikidata":"https://www.wikidata.org/wiki/Q188635","display_name":"Bridging (networking)","level":2,"score":0.5849999785423279},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5767999887466431},{"id":"https://openalex.org/C100776233","wikidata":"https://www.wikidata.org/wiki/Q2532492","display_name":"Bridge (graph theory)","level":2,"score":0.4465000033378601},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.4456999897956848},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.43389999866485596},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.4244999885559082},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.3919999897480011},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.38679999113082886},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.36719998717308044},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.30000001192092896},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.2994000017642975},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.27059999108314514},{"id":"https://openalex.org/C35869016","wikidata":"https://www.wikidata.org/wiki/Q846636","display_name":"Software architecture","level":3,"score":0.2705000042915344},{"id":"https://openalex.org/C2781198186","wikidata":"https://www.wikidata.org/wiki/Q701521","display_name":"Collusion","level":2,"score":0.26899999380111694},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.2624000012874603},{"id":"https://openalex.org/C43521106","wikidata":"https://www.wikidata.org/wiki/Q2165493","display_name":"Pipeline (software)","level":2,"score":0.2606000006198883},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.2565999925136566},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.2549000084400177}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3803525.3804980","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3803525.3804980","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 19th European Workshop on Systems Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3803525.3804980","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3803525.3804980","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 19th European Workshop on Systems Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G6011870301","display_name":null,"funder_award_id":"101042266","funder_id":"https://openalex.org/F4320334678","funder_display_name":"European Research Council"}],"funders":[{"id":"https://openalex.org/F4320334678","display_name":"European Research Council","ror":"https://ror.org/0472cxd90"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W4308641862","https://openalex.org/W4312568316","https://openalex.org/W4313563932","https://openalex.org/W4318616700","https://openalex.org/W4384155618","https://openalex.org/W4385412537","https://openalex.org/W4388858789","https://openalex.org/W4389887771","https://openalex.org/W4390091589","https://openalex.org/W4392427186","https://openalex.org/W4400023201","https://openalex.org/W4400484337","https://openalex.org/W4402457133","https://openalex.org/W4402955714","https://openalex.org/W4411450271","https://openalex.org/W4412129939","https://openalex.org/W4412404493","https://openalex.org/W4414448702","https://openalex.org/W4416437075","https://openalex.org/W7081325648"],"related_works":[],"abstract_inverted_index":{"Cross-chain":[0],"bridges":[1],"are":[2,16],"critical":[3],"for":[4,77],"decentralized":[5],"finance":[6],"(DeFi)":[7],"to":[8],"enable":[9],"asset":[10],"interoperability":[11],"across":[12],"heterogeneous":[13],"blockchains.":[14],"They":[15],"based":[17],"on":[18,53],"a":[19],"complex":[20,61],"hybrid":[21],"architecture":[22],"that":[23],"involves":[24],"on-chain":[25],"contracts":[26,55],"and":[27,56,91,109],"off-chain":[28,92],"relayers.":[29],"In":[30,67],"the":[31,60,73,97,102,110],"recent":[32],"past,":[33],"several":[34],"major":[35],"attacks":[36],"exploited":[37],"vulnerabilities":[38,84],"in":[39,64],"cross-chain":[40,65,78,115],"bridges.":[41,66,116],"However,":[42],"existing":[43],"analysis":[44,113],"tools":[45],"have":[46],"limited":[47],"detection":[48],"effectiveness":[49],"as":[50,86],"they":[51],"focus":[52],"individual":[54],"do":[57],"not":[58],"capture":[59],"interaction":[62],"chain":[63],"this":[68],"paper,":[69],"we":[70],"present":[71],"BridgeFuzz,":[72],"first":[74,98],"fuzzing":[75],"framework":[76],"bridge":[79],"developers":[80],"capable":[81],"of":[82,114],"detecting":[83],"such":[85],"balance":[87],"mismatches,":[88],"protocol":[89],"errors,":[90],"denial-of-service":[93],"bugs.":[94],"BridgeFuzz":[95],"is":[96],"step":[99],"towards":[100],"bridging":[101],"gap":[103],"between":[104],"smart":[105],"contract":[106],"vulnerability":[107,112],"research":[108],"holistic":[111]},"counts_by_year":[],"updated_date":"2026-05-03T08:25:01.440150","created_date":"2026-04-17T00:00:00"}