{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,18]],"date-time":"2025-10-18T00:34:19Z","timestamp":1760747659973,"version":"build-2065373602"},"publisher-location":"Cham","reference-count":38,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032078933","type":"print"},{"value":"9783032078940","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,10,18]],"date-time":"2025-10-18T00:00:00Z","timestamp":1760745600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,10,18]],"date-time":"2025-10-18T00:00:00Z","timestamp":1760745600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-07894-0_6","type":"book-chapter","created":{"date-parts":[[2025,10,17]],"date-time":"2025-10-17T19:07:23Z","timestamp":1760728043000},"page":"105-123","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["LibAFLstar: Fast and State-Aware Protocol Fuzzing"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7435-4176","authenticated-orcid":false,"given":"Cristian","family":"Daniele","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-6958-5328","authenticated-orcid":false,"given":"Timme","family":"Bethe","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6585-5494","authenticated-orcid":false,"given":"Marcello","family":"Maugeri","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0329-1830","authenticated-orcid":false,"given":"Andrea","family":"Continella","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4635-187X","authenticated-orcid":false,"given":"Erik","family":"Poll","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,10,18]]},"reference":[{"key":"6_CR1","doi-asserted-by":"crossref","unstructured":"Andarzian, S.B., Daniele, C., Poll, E.: Green-fuzz: efficient fuzzing for network protocol implementations. In: International Symposium on Foundations and Practice of Security, Springer, pp.\u00a0253\u2013268 (2023)","DOI":"10.1007\/978-3-031-57537-2_16"},{"key":"6_CR2","unstructured":"Andarzian, S.B., Daniele, C., Poll, E.: On the (in) efficiency of fuzzing network protocols"},{"issue":"2","key":"6_CR3","doi-asserted-by":"publisher","first-page":"205","DOI":"10.1007\/s10009-021-00644-w","volume":"24","author":"P-A Arras","year":"2022","unstructured":"Arras, P.-A., et al.: SaBRe: load-time selective binary rewriting. Int. J. Softw. Tools Technol. Transfer 24(2), 205\u2013223 (2022)","journal-title":"Int. J. Softw. Tools Technol. Transfer"},{"key":"6_CR4","unstructured":"Ba, J., B\u00f6hme, M., Mirzamomen, Z., Roychoudhury, A.: Stateful greybox fuzzing. In: 31st USENIX Security Symposium (USENIX Security 22) (2022)"},{"key":"6_CR5","doi-asserted-by":"crossref","unstructured":"Bastani, O., Sharma, R., Aiken, A., Liang, P.: Synthesizing program input grammars. In: ACM SIGPLAN Notices (2017)","DOI":"10.1145\/3062341.3062349"},{"key":"6_CR6","doi-asserted-by":"crossref","unstructured":"Bianchini, M., Gori, M., Scarselli, F.: Inside pagerank. ACM Transactions on Internet Technology (TOIT) (2005)","DOI":"10.1145\/1052934.1052938"},{"key":"6_CR7","unstructured":"B\u00f6hme, M., Cadar, C., Roychoudhury, A.: Fuzzing: Challenges and reflections. IEEE Software (2020)"},{"key":"6_CR8","doi-asserted-by":"crossref","unstructured":"Chen, J., et al.: Discovering memory corruptions in IoT through app-based fuzzing. In: NDSS, Iotfuzzer (2018)","DOI":"10.14722\/ndss.2018.23159"},{"key":"6_CR9","doi-asserted-by":"crossref","unstructured":"Chen, Y., Lan, T., Venkataramani, G.: Exploring effective fuzzing strategies to analyze communication protocols. In: ACM Workshop on Forming an Ecosystem Around Software Transformation (2019)","DOI":"10.1145\/3338502.3359762"},{"key":"6_CR10","doi-asserted-by":"crossref","unstructured":"Daniele, C., Andarzian, S.B., Poll, E.: Fuzzers for stateful systems: survey and research directions. ACM Computing Surveys (2024)","DOI":"10.1145\/3648468"},{"key":"6_CR11","unstructured":"De\u00a0Ruiter, J., Poll, E.: Protocol state fuzzing of TLS implementations. In: 24th USENIX Security Symposium (2015)"},{"key":"6_CR12","unstructured":"Doup\u00e9, A., Cavedon, L., Kruegel, C., Vigna, G.: Enemy of the state: a state-aware black-box web vulnerability scanner. In: 21st USENIX Security Symposium (2012)"},{"key":"6_CR13","doi-asserted-by":"crossref","unstructured":"Eisele, M., Maugeri, M., Shriwas, R., Huth, C., Bella, G.: Embedded fuzzing: a review of challenges, tools, and solutions. Cybersecurity (2022)","DOI":"10.1186\/s42400-022-00123-y"},{"key":"6_CR14","unstructured":"Feilner, M.: OpenVPN: Building and integrating virtual private networks. Packt Publishing Ltd (2006)"},{"key":"6_CR15","doi-asserted-by":"crossref","unstructured":"Feng, X., et al.: Snipuzz: black-box fuzzing of IoT firmware via message snippet inference. In: ACM SIGSAC Conference on Computer and Communications Security (2021)","DOI":"10.1145\/3460120.3484543"},{"key":"6_CR16","unstructured":"Fioraldi, A., Maier, D., Ei\u00dffeldt, H., Heuse, M.: AFL++: combining incremental steps of fuzzing research. In: 14th USENIX Workshop on Offensive Technologies (WOOT 20) (2020)"},{"key":"6_CR17","doi-asserted-by":"crossref","unstructured":"Fioraldi, A., Maier, D.C., Zhang, D., Balzarotti, D.: LibAFL: a framework to build modular and reusable fuzzers. In: ACM SIGSAC Conference on Computer and Communications Security (2022)","DOI":"10.1145\/3548606.3560602"},{"key":"6_CR18","doi-asserted-by":"crossref","unstructured":"Geretto, E., Giuffrida, C., Bos, H., Van Der\u00a0Kouwe, E.: Snappy: efficient fuzzing with adaptive and mutable snapshots. In: Computer Security Applications Conference (2022)","DOI":"10.1145\/3564625.3564639"},{"key":"6_CR19","doi-asserted-by":"crossref","unstructured":"Kim, K., Jeong, D.R., Kim, C.H., Jang, Y., Shin, I., Lee, B.: Hybrid fuzzing on the linux kernel. In NDSS, HFL (2020)","DOI":"10.14722\/ndss.2020.24018"},{"key":"6_CR20","doi-asserted-by":"crossref","unstructured":"Li, J., Li, S., Sun, G., Chen, T., Yu, H.: SNPSFuzzer: a fast greybox fuzzer for stateful network protocols using snapshots. IEEE Transactions on Information Forensics and Security (2022)","DOI":"10.1109\/TIFS.2022.3192991"},{"issue":"1","key":"6_CR21","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s42400-018-0002-y","volume":"1","author":"J Li","year":"2018","unstructured":"Li, J., Zhao, B., Zhang, C.: Fuzzing: a survey. Cybersecurity 1(1), 1\u201313 (2018). https:\/\/doi.org\/10.1186\/s42400-018-0002-y","journal-title":"Cybersecurity"},{"key":"6_CR22","doi-asserted-by":"crossref","unstructured":"Liyanage, D., Lee, S., Tantithamthavorn, C., B\u00f6hme, M.: Extrapolating coverage rate in greybox fuzzing. In: IEEE\/ACM International Conference on Software Engineering (2024)","DOI":"10.1145\/3597503.3639198"},{"key":"6_CR23","unstructured":"Man\u00e8s, V.J., et al.: The art, science, and engineering of fuzzing: a survey. IEEE Transactions on Software Engineering (2019)"},{"key":"6_CR24","doi-asserted-by":"crossref","unstructured":"Mathis, B., Gopinath, R., Mera, M., Kampmann, A., H\u00f6schele, M., Zeller, A.: Parser-directed fuzzing. In: ACM SIGPLAN Conference on Programming Language Design and Implementation (2019)","DOI":"10.1145\/3314221.3314651"},{"key":"6_CR25","doi-asserted-by":"crossref","unstructured":"Meng, R., Mirchev, M., B\u00f6hme, M., Roychoudhury, A.: Large language model guided protocol fuzzing. In: Proceedings of the 31st Annual Network and Distributed System Security Symposium (NDSS) (2024)","DOI":"10.14722\/ndss.2024.24556"},{"key":"6_CR26","doi-asserted-by":"crossref","unstructured":"Natella, R., Pham, V.-T.: ProFuzzBench: a benchmark for stateful protocol fuzzing. In: ACM SIGSOFT International Symposium on Software Testing and Analysis (2021)","DOI":"10.1145\/3460319.3469077"},{"key":"6_CR27","doi-asserted-by":"crossref","unstructured":"Pham, V.-T., B\u00f6hme, M., Roychoudhury, A.: AFLNET: a greybox fuzzer for network protocols. In: International Conference on Software Testing, Validation and Verification (ICST). IEEE (2020)","DOI":"10.1109\/ICST46399.2020.00062"},{"key":"6_CR28","doi-asserted-by":"crossref","unstructured":"Raffelt, H., Steffen, B., Berg, T.: LearnLib: a library for automata learning and experimentation. In: Proceedings of the 10th International Workshop on Formal Methods for Industrial Critical Systems (2005)","DOI":"10.1145\/1081180.1081189"},{"key":"6_CR29","unstructured":"Rebert, A., et al.: Optimizing seed selection for fuzzing. In: 23rd USENIX Security Symposium (2014)"},{"key":"6_CR30","unstructured":"Schumilo, S., Aschermann, C., Gawlik, R., Schinzel, S., Holz, T.: kAFL: hardware-assisted feedback fuzzing for OS kernels. In: 26th USENIX Security Symposium (2017)"},{"key":"6_CR31","doi-asserted-by":"crossref","unstructured":"Schumilo, S., Aschermann, C., Jemmett, A., Abbasi, A., Holz, T.: Nyx-Net: network fuzzing with incremental snapshots. In: European Conference on Computer Systems (2022)","DOI":"10.1145\/3492321.3519591"},{"key":"6_CR32","unstructured":"Serebryany, K.: OSS-Fuzz: Google\u2019s continuous fuzzing service for open source software"},{"key":"6_CR33","unstructured":"Settles, B.: Active learning literature survey"},{"key":"6_CR34","doi-asserted-by":"crossref","unstructured":"Srivastava, P., Payer, M.: Gramatron: effective grammar-aware fuzzing. In: ACM SIGSOFT International Symposium on Software Testing and Analysis (2021)","DOI":"10.1145\/3460319.3464814"},{"key":"6_CR35","doi-asserted-by":"crossref","unstructured":"Yu, Y., Chen, Z., Gan, S., Wang, X.: SGPFuzzer: a state-driven smart graybox protocol fuzzer for network protocol implementations. IEEE Access (2020)","DOI":"10.1109\/ACCESS.2020.3025037"},{"key":"6_CR36","unstructured":"Zalewski, M.: American Fuzzy Lop - Whitepaper. https:\/\/lcamtuf.coredump.cx\/afl\/technical_details.txt (2016)"},{"key":"6_CR37","doi-asserted-by":"crossref","unstructured":"Zhang, Z., Zhang, H., Zhao, J., Yin, Y.: A survey on the development of network protocol fuzzing techniques. Electronics (2023)","DOI":"10.3390\/electronics12132904"},{"key":"6_CR38","doi-asserted-by":"crossref","unstructured":"Zhu, X., Wen, S., Camtepe, S., Xiang, Y.: Fuzzing: a survey for roadmap. ACM Computing Surveys (CSUR) (2022)","DOI":"10.1145\/3512345"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2025"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-07894-0_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,17]],"date-time":"2025-10-17T19:07:30Z","timestamp":1760728050000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-07894-0_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,10,18]]},"ISBN":["9783032078933","9783032078940"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-07894-0_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,10,18]]},"assertion":[{"value":"18 October 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"In the spirit of open science, we release the code for this project: .","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Data Availability"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Toulouse","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 September 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 September 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.esorics2025.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}