Al Sardy L, Prasad AR, German R (2026)
Publication Type: Conference contribution, Conference Contribution
Publication year: 2026
Publisher: Springer Science and Business Media Deutschland GmbH
Book Volume: 15955 LNCS
Pages Range: 115-128
Conference Proceedings Title: Lecture Notes in Computer Science
Event location: Stockholm, SWE
ISBN: 9783032020178
DOI: 10.1007/978-3-032-02018-5_9
This article proposes i7Fuzzer, a hybrid fuzzing framework designed to enhance the security testing of stateful communication protocols such as Real-Time Streaming Protocol (RTSP) and Message Queuing Telemetry Transport (MQTT). These protocols, widely deployed in modern networked infrastructures, pose significant challenges for vulnerability detection due to their reliance on ordered message sequences and complex state transitions. i7Fuzzer addresses the limitations of traditional fuzzing approaches by integrating dynamic protocol analysis with machine learning–based mutation guidance. Specifically, a Long Short-Term Memory (LSTM) regression model is used to estimate bit-level mutation probabilities and prioritise the generation of high-impact test cases. The framework also automates the construction of syntactically valid message sequences aligned with protocol-specific states. Although demonstrated on protocols such as RTSP, MQTT, and File Transfer Protocol (FTP), the methodology is broadly applicable to a wide range of stateful protocols. Experimental results confirm that i7Fuzzer improves code coverage and effectively identifies potential protocol-specific vulnerabilities. These findings underscore the benefits of combining neural learning techniques with protocol-aware fuzzing to strengthen the security of critical communication systems.
APA:
Al Sardy, L., Prasad, A.R., & German, R. (2026). i7Fuzzer: Neural-Guided Fuzzing for Enhancing Security Testing of Stateful Protocols. In Martin Törngren, Barbara Gallina, Erwin Schoitsch, Elena Troubitsyna, Friedemann Bitsch (Eds.), Lecture Notes in Computer Science (pp. 115-128). Stockholm, SWE: Springer Science and Business Media Deutschland GmbH.
MLA:
Al Sardy, Loui, Avinash Rajendra Prasad, and Reinhard German. "i7Fuzzer: Neural-Guided Fuzzing for Enhancing Security Testing of Stateful Protocols." Proceedings of the Co-Design of Communication, Computing and Control in Cyber-Physical Systems, CoC3CPS 2025, 20th Workshop on Dependable Smart Embedded and Cyber-Physical Systems and Systems-of-Systems, DECSoS 2025, 12th International Workshop on Next Generation of System Assurance Approaches for Critical Systems, SASSUR 2025, 4th International Workshop on Safety and Security Interaction, SENSEI 2025, 2nd International Workshop on Safety/Reliability/Trustworthiness of Intelligent Transportation Systems, SRToITS 2025 and 8th International Workshop on Artificial Intelligence Safety Engineering, WAISE 2025 held in conjunction with the 44th International Conference on Computer Safety, Reliability, and Security, SAFECOMP 2025, Stockholm, SWE Ed. Martin Törngren, Barbara Gallina, Erwin Schoitsch, Elena Troubitsyna, Friedemann Bitsch, Springer Science and Business Media Deutschland GmbH, 2026. 115-128.
BibTeX: Download