{"id":"https://openalex.org/W4416549601","doi":"https://doi.org/10.1145/3719027.3765035","title":"ZVDetector: State-Guided Vulnerability Detection System for Zigbee Devices","display_name":"ZVDetector: State-Guided Vulnerability Detection System for Zigbee Devices","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W4416549601","doi":"https://doi.org/10.1145/3719027.3765035"},"language":null,"primary_location":{"id":"doi:10.1145/3719027.3765035","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765035","pdf_url":null,"source":null,"license":"cc-by-nc-sa","license_id":"https://openalex.org/licenses/cc-by-nc-sa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3719027.3765035","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5104728074","display_name":"Hai Lin","orcid":"https://orcid.org/0000-0001-9428-7644"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hai Lin","raw_affiliation_strings":["Tsinghua University, Beijing, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0001-9428-7644","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054117052","display_name":"Chenglong Li","orcid":"https://orcid.org/0000-0003-4300-678X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chenglong Li","raw_affiliation_strings":["Tsinghua University, Beijing, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0003-4300-678X","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023416195","display_name":"Jiahai Yang","orcid":"https://orcid.org/0000-0001-6109-6737"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiahai Yang","raw_affiliation_strings":["Tsinghua University, Beijing, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0001-6109-6737","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100343127","display_name":"Zhiliang Wang","orcid":"https://orcid.org/0000-0001-6587-820X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhiliang Wang","raw_affiliation_strings":["Tsinghua University, Beijing, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0001-6587-820X","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111174933","display_name":"Jiaqi Bai","orcid":"https://orcid.org/0009-0003-9792-3556"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiaqi Bai","raw_affiliation_strings":["Tsinghua University, Beijing, Beijing, China"],"raw_orcid":"https://orcid.org/0009-0003-9792-3556","affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I99065089"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.37651393,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"2549","last_page":"2563"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.382099986076355,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.382099986076355,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.13079999387264252,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.07090000063180923,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.9190999865531921},{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.8174999952316284},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.6593000292778015},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.6299999952316284},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5314000248908997},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.4535999894142151},{"id":"https://openalex.org/keywords/semantics","display_name":"Semantics (computer science)","score":0.41179999709129333},{"id":"https://openalex.org/keywords/communications-protocol","display_name":"Communications protocol","score":0.4106999933719635}],"concepts":[{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.9190999865531921},{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.8174999952316284},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6797999739646912},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.6593000292778015},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.6299999952316284},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5314000248908997},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.4535999894142151},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.41620001196861267},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.41179999709129333},{"id":"https://openalex.org/C12269588","wikidata":"https://www.wikidata.org/wiki/Q132364","display_name":"Communications protocol","level":2,"score":0.4106999933719635},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4011000096797943},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3587999939918518},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.34150001406669617},{"id":"https://openalex.org/C124304363","wikidata":"https://www.wikidata.org/wiki/Q673661","display_name":"Abstraction","level":2,"score":0.31619998812675476},{"id":"https://openalex.org/C167822520","wikidata":"https://www.wikidata.org/wiki/Q176452","display_name":"Finite-state machine","level":2,"score":0.30320000648498535},{"id":"https://openalex.org/C22927095","wikidata":"https://www.wikidata.org/wiki/Q1784206","display_name":"Stateful firewall","level":3,"score":0.3010999858379364},{"id":"https://openalex.org/C168065819","wikidata":"https://www.wikidata.org/wiki/Q845566","display_name":"Debugging","level":2,"score":0.27889999747276306},{"id":"https://openalex.org/C555944384","wikidata":"https://www.wikidata.org/wiki/Q249","display_name":"Wireless","level":2,"score":0.27160000801086426},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.26750001311302185},{"id":"https://openalex.org/C63000827","wikidata":"https://www.wikidata.org/wiki/Q3080428","display_name":"Software portability","level":2,"score":0.26589998602867126},{"id":"https://openalex.org/C507571656","wikidata":"https://www.wikidata.org/wiki/Q848436","display_name":"Home automation","level":2,"score":0.26269999146461487},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.2587999999523163},{"id":"https://openalex.org/C546215728","wikidata":"https://www.wikidata.org/wiki/Q39531","display_name":"Bluetooth","level":3,"score":0.2538999915122986}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3719027.3765035","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765035","pdf_url":null,"source":null,"license":"cc-by-nc-sa","license_id":"https://openalex.org/licenses/cc-by-nc-sa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3719027.3765035","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765035","pdf_url":null,"source":null,"license":"cc-by-nc-sa","license_id":"https://openalex.org/licenses/cc-by-nc-sa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G6419233385","display_name":null,"funder_award_id":"62172251","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W2102676366","https://openalex.org/W2295974667","https://openalex.org/W2686848947","https://openalex.org/W2735927446","https://openalex.org/W2753873057","https://openalex.org/W2868435436","https://openalex.org/W2882992559","https://openalex.org/W2914954538","https://openalex.org/W2969698712","https://openalex.org/W2989201839","https://openalex.org/W3014190271","https://openalex.org/W3111743984","https://openalex.org/W3115454775","https://openalex.org/W3139030762","https://openalex.org/W3155102819","https://openalex.org/W3173646574","https://openalex.org/W3184358065","https://openalex.org/W3207926955","https://openalex.org/W3212565000","https://openalex.org/W4282576055","https://openalex.org/W4308411344","https://openalex.org/W4308642592","https://openalex.org/W4324007121","https://openalex.org/W4380926575","https://openalex.org/W4391724785","https://openalex.org/W4402264433","https://openalex.org/W4405182775"],"related_works":[],"abstract_inverted_index":{"Nowadays,":[0],"Zigbee":[1,20,37,178],"devices":[2,21,35,179],"are":[3,16],"widely":[4],"used":[5],"in":[6,19],"smart":[7,9],"home,":[8],"agriculture":[10],"and":[11,51,109,129,151,180,198],"other":[12],"industries.":[13],"However,":[14,43],"there":[15],"many":[17,68],"vulnerabilities":[18,69,81,105,183],"that":[22,118,146],"could":[23],"compromise":[24],"their":[25],"normal":[26],"functionality.":[27],"Existing":[28],"research":[29],"either":[30],"analyzes":[31],"firmware":[32,55,104],"or":[33,56],"fuzzes":[34],"through":[36],"networks":[38],"to":[39,66,192,204],"discover":[40,199],"potential":[41],"vulnerabilities.":[42],"they":[44,64],"overlook":[45],"the":[46,77,84,136,157,164,172,190],"impact":[47],"of":[48,76,86,135,174],"device":[49,138,195],"state":[50,53,61,123,139,153,159,166,196],"protocol":[52,122,206],"on":[54,126,176],"explore":[57,119,163,193],"only":[58],"a":[59,95,131,143],"limited":[60],"space.":[62],"Thus,":[63],"fail":[65],"identify":[67],"caused":[70,106],"by":[71,83,107],"hidden":[72,108],"states":[73],"within":[74],"each":[75],"two":[78,88,115],"states,":[79],"especially":[80],"triggered":[82],"combination":[85],"these":[87],"states.":[89,111,207],"In":[90],"this":[91],"paper,":[92],"we":[93,113],"design":[94,114],"state-guided":[96],"fuzzing":[97,144],"system,":[98],"named":[99],"ZVDetector,":[100],"aimed":[101],"at":[102],"uncovering":[103],"combined":[110,165],"Specifically,":[112],"state-aware":[116],"modules":[117],"richer":[120],"unknown":[121,205],"transitions":[124],"based":[125],"message":[127,148,201],"relationships":[128,202],"gain":[130],"more":[132,168,194,200],"complete":[133],"understanding":[134],"intrinsic":[137],"attributes.":[140],"We":[141,170],"develop":[142],"algorithm":[145],"incorporates":[147],"semantics":[149],"awareness":[150],"correlation":[152],"analysis.":[154],"By":[155],"integrating":[156],"perceived":[158],"information,":[160],"it":[161],"can":[162],"space":[167],"efficiently.":[169],"validate":[171],"performance":[173],"ZVDetector":[175],"10":[177],"find":[181],"25":[182],"(19":[184],"zero-day).":[185],"Our":[186],"experiments":[187],"also":[188],"demonstrate":[189],"ability":[191],"attributes":[197],"related":[203]},"counts_by_year":[],"updated_date":"2026-06-26T08:34:08.712188","created_date":"2025-11-23T00:00:00"}
