Liu et al., 2025 - Google Patents
MQueez: Specification-Driven Fuzzing for MQTT Broker (Registered Report)Liu et al., 2025
- Document ID
- 13307417480603544934
- Author
- Liu X
- Wang Q
- Liu P
- Wang W
- Ji S
- Publication year
- Publication venue
- Proceedings of the 34th ACM SIGSOFT International Symposium on Software Testing and Analysis
External Links
Snippet
Recently, the MQTT protocol, favored for its lightweight nature, has emerged as a preferred choice for IoT communications. However, MQTT brokers—the critical components responsible for message routing—are vulnerable to memory corruption, posing significant …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11627160B2 (en) | Intelligent-interaction honeypot for IoT devices | |
| Zhang et al. | SRFuzzer: An automatic fuzzing framework for physical SOHO router devices to discover multi-type vulnerabilities | |
| Prokhorenko et al. | Web application protection techniques: A taxonomy | |
| RU2444056C1 (en) | System and method of speeding up problem solving by accumulating statistical information | |
| US12335299B2 (en) | Cyber security system and method using intelligent agents | |
| Sekar et al. | A specification-based approach for building survivable systems | |
| US12174959B2 (en) | Method and system for automatically generating malware signature | |
| Johari et al. | Penetration testing in IoT network | |
| Mahadewa et al. | Identifying privacy weaknesses from multi-party trigger-action integration platforms | |
| US20250039067A1 (en) | System and method for enterprise - wide data utilization tracking and risk reporting | |
| Tabrizi et al. | Formal security analysis of smart embedded systems | |
| Yuan et al. | MQTTactic: Security analysis and verification for logic flaws in MQTT implementations | |
| Pan et al. | Model‐Based Grey‐Box Fuzzing of Network Protocols | |
| Wang et al. | Dcdroid: Automated detection of ssl/tls certificate verification vulnerabilities in android apps | |
| Kitagawa et al. | AspFuzz: A state-aware protocol fuzzer based on application-layer protocols | |
| Xu et al. | FIoTFuzzer: Response-based black-box fuzzing for IoT devices | |
| Liu et al. | MQueez: Specification-Driven Fuzzing for MQTT Broker (Registered Report) | |
| Aarya et al. | Web scanning: existing techniques and future | |
| Liu et al. | Detecting Taint-Style Vulnerabilities in Microservice-Structured Web Applications | |
| Zhang et al. | Detection and Analysis of Broken Access Control Vulnerabilities in App–Cloud Interaction in IoT | |
| Cheng et al. | MSLFuzzer: black-box fuzzing of SOHO router devices via message segment list inference | |
| Zhu | Attack Pattern Ontology: A Common Language for Cyber-Security Information Sharing | |
| Ahn et al. | BloomFuzz: Unveiling Bluetooth L2CAP Vulnerabilities via State Cluster Fuzzing with Target-Oriented State Machines | |
| Noorani | On the detection of malware on virtual assistants based on behavioral anomalies | |
| Wang et al. | RW‐Fuzzer: A Fuzzing Method for Vulnerability Mining on Router Web Interface |