{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T03:54:09Z","timestamp":1776830049619,"version":"3.51.2"},"reference-count":91,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2026,3,14]],"date-time":"2026-03-14T00:00:00Z","timestamp":1773446400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0"},{"start":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T00:00:00Z","timestamp":1776816000000},"content-version":"vor","delay-in-days":39,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Discov Internet Things"],"DOI":"10.1007\/s43926-026-00302-0","type":"journal-article","created":{"date-parts":[[2026,3,14]],"date-time":"2026-03-14T13:34:40Z","timestamp":1773495280000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Protocol guided mutation fuzzing to automatically discover vulnerability in commercial IoT devices"],"prefix":"10.1007","volume":"6","author":[{"given":"Priyanka","family":"Chaudhary","sequence":"first","affiliation":[]},{"given":"Rajib","family":"Maiti","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,3,14]]},"reference":[{"key":"302_CR1","unstructured":"Inc S. Internet of Things (IoT) total annual revenue worldwide from 2020 to 2030. https:\/\/www.statista.com\/statistics\/1194709\/iot-revenue-worldwide\/."},{"key":"302_CR2","doi-asserted-by":"publisher","first-page":"283","DOI":"10.1016\/j.comnet.2018.11.025","volume":"148","author":"WH Hassan","year":"2019","unstructured":"Hassan WH, et al. Current research on Internet of Things (IoT) security: a survey. Comput Netw. 2019;148:283\u201394.","journal-title":"Comput Netw"},{"issue":"1","key":"302_CR3","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0227800","volume":"15","author":"SD Johnson","year":"2020","unstructured":"Johnson SD, Blythe JM, Manning M, Wong GT. The impact of IoT security labelling on consumer product choice and willingness to pay. PLoS ONE. 2020;15(1):e0227800.","journal-title":"PLoS ONE"},{"issue":"1","key":"302_CR4","first-page":"79","volume":"31","author":"JR Fichtner","year":"2022","unstructured":"Fichtner JR, Strader TJ. Will products liability litigation help protect iot users from cyber-physical attacks? J Int Technol Inf Manag. 2022;31(1):79\u201396.","journal-title":"J Int Technol Inf Manag"},{"key":"302_CR5","doi-asserted-by":"publisher","first-page":"2702","DOI":"10.1109\/COMST.2019.2910750","volume":"21","author":"N Neshenko","year":"2019","unstructured":"Neshenko N, Bou-Harb E, Crichigno J, Kaddoum G, Ghani N. Demystifying iot security: an exhaustive survey on iot vulnerabilities and a first empirical look on internet-scale iot exploitations. IEEE Commun Surv Tutor. 2019;21:2702\u201333.","journal-title":"IEEE Commun Surv Tutor"},{"key":"302_CR6","doi-asserted-by":"publisher","DOI":"10.1016\/j.iot.2019.100129","volume":"14","author":"H HaddadPajouh","year":"2021","unstructured":"HaddadPajouh H, Dehghantanha A, Parizi RM, Aledhari M, Karimipour H. A survey on internet of things security: requirements, challenges, and solutions. Internet Things. 2021;14:100129.","journal-title":"Internet Things"},{"issue":"17","key":"302_CR7","doi-asserted-by":"publisher","first-page":"4806","DOI":"10.3390\/s20174806","volume":"20","author":"N Kalbo","year":"2020","unstructured":"Kalbo N, Mirsky Y, Shabtai A, Elovici Y. The security of IP-based video surveillance systems. Sensors. 2020;20(17):4806.","journal-title":"Sensors"},{"key":"302_CR8","unstructured":"Labs M. 150,000 Verkada security cameras hacked\u2014to make a point. https:\/\/www.malwarebytes.com\/blog\/news\/2021\/03\/150000-verkada-security-cameras-hacked-to-make-a-point."},{"issue":"3","key":"302_CR9","doi-asserted-by":"publisher","first-page":"675","DOI":"10.1016\/j.is.2010.11.003","volume":"36","author":"W Kim","year":"2011","unstructured":"Kim W, Jeong OR, Kim C, So J. The dark side of the Internet: attacks, costs and responses. Inf Syst. 2011;36(3):675\u2013705.","journal-title":"Inf Syst"},{"key":"302_CR10","unstructured":"Zhou W, Jia Y, Yao Y, Zhu L, Guan L, Mao Y, et al. Discovering and understanding the security hazards in the interactions between $$\\{$$IoT$$\\}$$ devices, mobile apps, and clouds on smart home platforms. In: USENIX; 2019."},{"key":"302_CR11","doi-asserted-by":"crossref","unstructured":"Shang Z, Garbelini ME, Chattopadhyay S. U-Fuzz: Stateful Fuzzing of IoT Protocols on COTS Devices. In: IEEE conference on software testing, verification and validation; 2024. p. 209\u2013220.","DOI":"10.1109\/ICST60714.2024.00027"},{"key":"302_CR12","doi-asserted-by":"crossref","unstructured":"Li J, Zhao B, Zhang C. Fuzzing: a survey. Cybersecurity. 2018.","DOI":"10.1186\/s42400-018-0002-y"},{"issue":"3","key":"302_CR13","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3623375","volume":"56","author":"S Mallissery","year":"2023","unstructured":"Mallissery S, Wu YS. Demystify the fuzzing methods: a comprehensive survey. ACM Comput Surv. 2023;56(3):1\u201338.","journal-title":"ACM Comput Surv"},{"key":"302_CR14","unstructured":"Manes VJ, Han H, Han C, Cha SK, Egele M, Schwartz EJ, et al. Fuzzing: art, science, and engineering. arXiv preprint arXiv:1812.00140. 2018."},{"key":"302_CR15","doi-asserted-by":"crossref","unstructured":"Ibrahim M, Continella A, Bianchi A. Aot-attack on things: a security analysis of iot firmware updates. IEEE (EuroS&P); 2023.","DOI":"10.1109\/EuroSP57164.2023.00065"},{"issue":"7","key":"302_CR16","doi-asserted-by":"publisher","first-page":"3120","DOI":"10.3390\/app11073120","volume":"11","author":"H Zhang","year":"2021","unstructured":"Zhang H, Lu K, Zhou X, Yin Q, Wang P, Yue T. SIoTFuzzer: fuzzing web interface in IoT firmware via stateful message generation. Appl Sci. 2021;11(7):3120.","journal-title":"Appl Sci"},{"key":"302_CR17","doi-asserted-by":"crossref","unstructured":"Feng X, Sun R, Zhu X, Xue M, Wen S, Liu D, et al. Snipuzz: black-box fuzzing of iot firmware via message snippet inference. In: ACM SIGSAC; 2021.","DOI":"10.1145\/3460120.3484543"},{"key":"302_CR18","unstructured":"0git documentation L. LibFuzzer \u2013 a library for coverage-guided Fuzz Testing. https:\/\/www.llvm.org\/docs\/LibFuzzer.html."},{"key":"302_CR19","doi-asserted-by":"crossref","unstructured":"Redini N, Continella A, Das D, De Pasquale G, Spahn N, Machiry A, et al. Diane: Identifying fuzzing triggers in apps to generate under-constrained inputs for iot devices. In: IEEE symposium on security and privacy; 2021. p. 484\u2013500.","DOI":"10.1109\/SP40001.2021.00066"},{"key":"302_CR20","doi-asserted-by":"crossref","unstructured":"Xu Z, Huang W, Fan W, Cheng Y. FIoTFuzzer: Response-based black-box fuzzing for IoT devices. In: IEEE\/ACIS international conference on computer and information science; 2022.","DOI":"10.1109\/ICIS54925.2022.9882418"},{"key":"302_CR21","doi-asserted-by":"crossref","unstructured":"Chen J, Diao W, Zhao Q, Zuo C, Lin Z, Wang X, et al. IoTFuzzer: discovering Memory corruptions in IoT through app-based fuzzing. In: NDSS; 2018.","DOI":"10.14722\/ndss.2018.23159"},{"key":"302_CR22","unstructured":"of Standards NI, (NIST) T. Baseline security criteria for consumer IoT devices. https:\/\/www.nist.gov\/system\/files\/documents\/2021\/08\/31\/IoT%20White%20Paper%20-%20Final%202021-08-31.pdf."},{"key":"302_CR23","doi-asserted-by":"crossref","unstructured":"Chaudhary PR, Krishna NP, Maiti RR. IoTFuzzSentry: hunting bugs in the IoT wilderness in operational phase using payload fuzzing. In: ACM CODASPY; 2024.","DOI":"10.1145\/3626232.3658642"},{"key":"302_CR24","unstructured":"Samsung. Cotopaxi. https:\/\/github.com\/Samsung\/cotopaxi."},{"key":"302_CR25","unstructured":"Anonymous.: Anonymous. https:\/\/github.com\/Anonymous120386\/Anonymous."},{"key":"302_CR26","doi-asserted-by":"crossref","unstructured":"Sachidananda V, Bhairav S, Elovici Y. OVER: overhauling vulnerability detection for IoT through an adaptable and automated static analysis framework. In: ACM symposium on App. Computing; 2020. p. 729\u2013738.","DOI":"10.1145\/3341105.3373930"},{"key":"302_CR27","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1007\/s10009-020-00592-x","volume":"23","author":"P Ferrara","year":"2021","unstructured":"Ferrara P, Mandal AK, Cortesi A, Spoto F. Static analysis for discovering IoT vulnerabilities. Int J Softw Tools Technol Transfer. 2021;23:71\u201388.","journal-title":"Int J Softw Tools Technol Transfer"},{"key":"302_CR28","doi-asserted-by":"crossref","unstructured":"Ozmen MO, Li X, Chu A, Celik ZB, Hoxha B, Zhang X. Discovering IoT physical channel vulnerabilities. In: ACM SIGSAC CCCS; 2022.","DOI":"10.1145\/3548606.3560644"},{"key":"302_CR29","doi-asserted-by":"crossref","unstructured":"Yu M, Zhuge J, Cao M, Shi Z, Jiang L. A survey of security vulnerability analysis, discovery, detection, and mitigation on IoT devices. Future Internet. 2020.","DOI":"10.3390\/fi12020027"},{"key":"302_CR30","doi-asserted-by":"crossref","unstructured":"Yavuz T, Brant C. Security analysis of IoT frameworks using static taint analysis. In: ACM CODASPY; 2022. p. 203\u2013213.","DOI":"10.1145\/3508398.3511511"},{"key":"302_CR31","doi-asserted-by":"crossref","unstructured":"Mandal A, Ferrara P, Khlyebnikov Y, Cortesi A, Spoto F. Cross-program taint analysis for IoT systems. In: ACM symposium on applied computing; 2020.","DOI":"10.1145\/3341105.3373924"},{"key":"302_CR32","doi-asserted-by":"crossref","unstructured":"Stephens N, Grosen J, Salls C, Dutcher A, Wang R, Corbetta J, et al. Driller: augmenting fuzzing through selective symbolic execution. In: NDSS; 2016.","DOI":"10.14722\/ndss.2016.23368"},{"key":"302_CR33","unstructured":"Ognawala S, Petrovska A, Beckers K. An exploratory survey of hybrid testing techniques involving symbolic execution and fuzzing."},{"key":"302_CR34","doi-asserted-by":"crossref","unstructured":"Ognawala S, Hutzelmann T, Psallida E, Pretschner A. Improving function coverage with munch: a hybrid fuzzing and directed symbolic execution approach. In: ACM symposium on applied computing; 2018. p. 1475\u20131482.","DOI":"10.1145\/3167132.3167289"},{"issue":"13","key":"302_CR35","doi-asserted-by":"publisher","first-page":"10390","DOI":"10.1109\/JIOT.2021.3056179","volume":"8","author":"M Eceiza-Olaizola","year":"2021","unstructured":"Eceiza-Olaizola M, Privacy N, Iturbe M. Fuzzing the internet of things: a review on the techniques and challenges for efficient vulnerability discovery in embedded systems. IEEE Internet Things J. 2021;8(13):10390\u2013411.","journal-title":"IEEE Internet Things J"},{"key":"302_CR36","doi-asserted-by":"crossref","unstructured":"Luo L, Zeng Q, Yang B, Zuo F, Wang J. Westworld: fuzzing-assisted remote dynamic symbolic execution of smart apps on IoT cloud platforms. In: Computer security applications conference; 2021. p. 982\u201395.","DOI":"10.1145\/3485832.3488022"},{"key":"302_CR37","unstructured":"Lyu C, Xu J, Ji S, Zhang X, Wang Q, Zhao B, et al. MINER: A hybrid data-driven approach for REST API fuzzing. In: USENIX; 2023. p. 4517\u201334."},{"key":"302_CR38","doi-asserted-by":"crossref","unstructured":"Xu J, Zhang X, Ji S, Tian Y, Zhao B, Wang Q, et al. MOCK: optimizing Kernel fuzzing mutation with context-aware dependency. NDSS. 2024.","DOI":"10.14722\/ndss.2024.23131"},{"key":"302_CR39","unstructured":"Zeller A, Gopinath R, Bohme M, Fraser G, Holler C. The fuzzing book. CISPA Helmholtz Center for Information Security; 2024."},{"key":"302_CR40","doi-asserted-by":"publisher","first-page":"20718","DOI":"10.1109\/JIOT.2023.3303780","volume":"10","author":"L Situ","year":"2023","unstructured":"Situ L, Zhang C, Guan L, Zuo Z, Wang L, Li X, et al. Physical devices-agnostic hybrid fuzzing of IoT firmware. IEEE Internet Things J. 2023;10:20718\u201334. https:\/\/doi.org\/10.1109\/JIOT.2023.3303780.","journal-title":"IEEE Internet Things J"},{"key":"302_CR41","doi-asserted-by":"publisher","DOI":"10.1145\/3532184","author":"W Blair","year":"2022","unstructured":"Blair W, Mambretti A, Arshad S, Weissbacher M, Robertson W, Kirda E, et al. Hotfuzz: discovering temporal and spatial denial-of-service vulnerabilities through guided micro-fuzzing. ACM Trans Priv Secur. 2022. https:\/\/doi.org\/10.1145\/3532184.","journal-title":"ACM Trans Priv Secur"},{"key":"302_CR42","unstructured":"GitLab. Peach Fuzzer. https:\/\/peachtech.gitlab.io\/peach-fuzzer-community\/."},{"key":"302_CR43","unstructured":"Zalewski M. American fuzzy lop. https:\/\/lcamtuf.coredump.cx\/afl\/."},{"key":"302_CR44","unstructured":"Schumilo S, Aschermann C, Gawlik R, Schinzel S, Holz T. $$\\{$$kAFL$$\\}$$:$$\\{$$Hardware-Assisted$$\\}$$ feedback fuzzing for $$\\{$$OS$$\\}$$ kernels. In: USENIX security symposium; 2017. p. 167\u2013182."},{"key":"302_CR45","unstructured":"Wang Q, Chang B, Ji S, Tian Y, Zhang X, Zhao B, et al. SyzTrust: State-aware fuzzing on trusted OS designed for IoT devices."},{"key":"302_CR46","unstructured":"D V. Syzkaller. https:\/\/github.com\/google\/syzkaller."},{"key":"302_CR47","unstructured":"BS. Fuzzing with spike. https:\/\/samsclass.info\/127\/proj\/p16-spike.htmr."},{"issue":"8","key":"302_CR48","first-page":"239","volume":"10","author":"S Gorbunov","year":"2010","unstructured":"Gorbunov S, Rosenbloom A. Autofuzz: automated network protocol fuzzing framework. Ijcsns. 2010;10(8):239.","journal-title":"Ijcsns"},{"key":"302_CR49","doi-asserted-by":"crossref","unstructured":"Banks G, Cova M, Felmetsger V, Almeroth K, Kemmerer R, Vigna G. SNOOZE: toward a Stateful NetwOrk prOtocol fuzZEr. In: Information Security; 2006.","DOI":"10.1007\/11836810_25"},{"key":"302_CR50","doi-asserted-by":"crossref","unstructured":"Sorniotti A, Weissbacher M, Kurmus A. Go or No Go: differential Fuzzing of Native and C Libraries. In: IEEE Security and Privacy Workshops (SPW); 2023.","DOI":"10.1109\/SPW59333.2023.00036"},{"key":"302_CR51","doi-asserted-by":"crossref","unstructured":"Sharma S, Tanksalkar SR, Cherupattamoolayil S, Machiry A. Fuzzing API error handling behaviors using coverage guided fault injection. In: ACM ACCCS; 2024. p. 1495\u20131509.","DOI":"10.1145\/3634737.3637650"},{"key":"302_CR52","unstructured":"OpenRCE. OpenRCE\/sulley: a pure-python fully automated and unattended fuzzing framework. https:\/\/github.com\/OpenRCE\/sulley."},{"key":"302_CR53","unstructured":"Pereyda, J. A fork and successor of the Sulley fuzzing framework. https:\/\/github.com\/jtpereyda\/ boofuzz (accessed on 27 March 2021)."},{"key":"302_CR54","unstructured":"Ispoglou K, Austin D, Mohan V, Payer M. FuzzGen: automatic Fuzzer Generation. In: USENIX Security Symposium; 2020."},{"key":"302_CR55","unstructured":"Lyu C, Ji S, Zhang C, Li Y, Lee WH, Song Y, et al. $$\\{$$MOPT$$\\}$$: optimized mutation scheduling for fuzzers. In: 28th USENIX security symposium (USENIX security 19); 2019. p. 1949\u20131966."},{"issue":"24","key":"302_CR56","doi-asserted-by":"publisher","first-page":"4066","DOI":"10.3390\/electronics11244066","volume":"11","author":"T Feng","year":"2022","unstructured":"Feng T, Liu J. Optimization research of directed fuzzing based on AFL. Electronics. 2022;11(24):4066.","journal-title":"Electronics"},{"key":"302_CR57","unstructured":"Zheng Y, Davanian A, Yin H, Song C, Zhu H, Sun L. FIRM-AFL: high-throughput Greybox fuzzing of IoT firmware via augmented process emulation. In: Proceedings of the 28th USENIX security symposium (USENIX security 2019); 2019. Available from https:\/\/www.usenix.org\/system\/files\/sec19-zheng_0.pdf."},{"issue":"1","key":"302_CR58","first-page":"5076324","volume":"2019","author":"D Wang","year":"2019","unstructured":"Wang D, Zhang X, Chen T, Li J. Discovering vulnerabilities in COTS IoT devices through blackbox fuzzing web management interface. Secur Commun Netw. 2019;2019(1):5076324.","journal-title":"Secur Commun Netw"},{"key":"302_CR59","doi-asserted-by":"crossref","unstructured":"Liu K, Yang M, Ling Z, Zhang Y, Lei C, Luo J, et al. RIoTFuzzer: companion App Assisted Remote Fuzzing for Detecting Vulnerabilities in IoT Devices. In: Proceedings of the 2024 on ACM SIGSAC conference on computer and communications security. New York, NY, USA: Association for Computing Machinery; 2024. p. 2341\u201354. Available from: https:\/\/doi.org\/10.1145\/3658644.3670342.","DOI":"10.1145\/3658644.3670342"},{"key":"302_CR60","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102889","volume":"122","author":"X Du","year":"2022","unstructured":"Du X, Chen A, He B, Chen H, Zhang F, Chen Y. AflIot: fuzzing on linux-based IoT device with binary-level instrumentation. Comput Secur. 2022;122:102889.","journal-title":"Comput Secur"},{"issue":"6","key":"302_CR61","doi-asserted-by":"publisher","first-page":"10183","DOI":"10.1109\/JIOT.2023.3325851","volume":"11","author":"X Ban","year":"2024","unstructured":"Ban X, Ding M, Liu S, Chen C, Zhang J. Iotfuzz: automated discovery of violations in smart homes with real environment. IEEE Internet Things J. 2024;11(6):10183\u201396.","journal-title":"IEEE Internet Things J"},{"issue":"1","key":"302_CR62","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1109\/LNET.2025.3526776","volume":"7","author":"Z Wen","year":"2025","unstructured":"Wen Z, Yu J, Huang Z, Wu Y, Hong Z, Ranjan R. SGMFuzz: state guided mutation protocol fuzzing. IEEE Netw Lett. 2025;7(1):71\u20135.","journal-title":"IEEE Netw Lett"},{"issue":"22","key":"302_CR63","doi-asserted-by":"publisher","first-page":"22737","DOI":"10.1109\/JIOT.2022.3182589","volume":"9","author":"Z Shu","year":"2022","unstructured":"Shu Z, Yan G. IoTInfer: automated blackbox fuzz testing of IoT network protocols guided by finite state machine inference. IEEE Internet Things J. 2022;9(22):22737\u201351.","journal-title":"IEEE Internet Things J"},{"issue":"8","key":"302_CR64","first-page":"1989","volume":"7","author":"Z Wang","year":"2013","unstructured":"Wang Z, Zhang Y, Liu Q. Rpfuzzer: a framework for discovering router protocols vulnerabilities based on fuzzing. Trans Internet Inf Syst (TIIS). 2013;7(8):1989\u20132009.","journal-title":"Trans Internet Inf Syst (TIIS)"},{"key":"302_CR65","doi-asserted-by":"crossref","unstructured":"Ren M, Ren X, Feng H, Ming J, Lei Y. Z-Fuzzer: device-agnostic fuzzing of Zigbee protocol implementation. In: Proceedings of the 14th ACM conference on security and privacy in wireless and mobile networks; 2021. p. 347\u201358.","DOI":"10.1145\/3448300.3468296"},{"key":"302_CR66","unstructured":"Franks PJ, Hallam-Baker P, Stewart L, Hostetler JL, Lawrence S, Leach PJ, et al. HTTP Authentication: basic and digest access authentication. RFC Editor. RFC 2617. Available from https:\/\/www.rfc-editor.org\/info\/rfc2617."},{"key":"302_CR67","unstructured":"Rao A, Lanphier R, Schulzrinne H. Real Time Streaming Protocol (RTSP). RFC Editor. RFC 2326. Available from: https:\/\/www.rfc-editor.org\/info\/rfc2326."},{"key":"302_CR68","unstructured":"Wireshark. Display Filter Reference: TP-link smart home protocol. https:\/\/www.wireshark.org\/docs\/dfref\/t\/tplink-smarthome.html."},{"key":"302_CR69","unstructured":"softScheck. TP-Link WiFi SmartPlug client and wireshark dissector. https:\/\/github.com\/softScheck\/tplink-smartplug\/blob\/master\/tplink-smarthome-commands.txt."},{"key":"302_CR70","unstructured":"Developers PK. Python Kasa. https:\/\/github.com\/python-kasa."},{"key":"302_CR71","unstructured":"organization V. VlC media player for debian gnu\/linux. https:\/\/www.videolan.org\/vlc\/download-debian.html."},{"key":"302_CR72","unstructured":"iSpyConnect. iSpy and AgentDVR. https:\/\/www.ispyconnect.com\/."},{"key":"302_CR73","unstructured":"Ullaakut. Cameradar. https:\/\/github.com\/Ullaakut\/cameradar."},{"key":"302_CR74","unstructured":"Chaudhary PR, Krishna NP, Maiti RR. Added payload_d3d_000_request.raw payload #11. https:\/\/github.com\/Samsung\/cotopaxi\/pull\/11."},{"key":"302_CR75","unstructured":"Fioraldi A, Maier D, Eissfeldt H, Heuse M. $$\\{$$AFL++$$\\}$$: Combining incremental steps of fuzzing research. In: USENIX; 2020."},{"key":"302_CR76","doi-asserted-by":"crossref","unstructured":"Pham V, B\u00f6hme M, Roychoudhury A. AFLNET: A greybox fuzzer for network protocols. In: IEEE ICST; 2020.","DOI":"10.1109\/ICST46399.2020.00062"},{"key":"302_CR77","unstructured":"Electronics MO, Technology I.: Indian computer emergency response team. https:\/\/www.cert-in.org.in\/."},{"key":"302_CR78","unstructured":"Chaudhary PR, Maiti RR. CVE-2024-41623. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-41623."},{"key":"302_CR79","unstructured":"Priyanka Rushikesh Chaudhary RRM.: CVE-2024-42531. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-42531."},{"key":"302_CR80","unstructured":"Mitre. CWE-20: Improper input validation. Available from: https:\/\/cwe.mitre.org\/data\/definitions\/20.html."},{"key":"302_CR81","unstructured":"Mitre. CWE-94: improper control of generation of code (\u2019code injection\u2019). Available from: https:\/\/cwe.mitre.org\/data\/definitions\/94.html."},{"key":"302_CR82","doi-asserted-by":"crossref","unstructured":"Cynthia J, Parveen Sultana H, Saroja M, Senthil J. Security protocols for IoT. Ubiquitous computing and computing security of IoT. 2019. p. 1\u201328.","DOI":"10.1007\/978-3-030-01566-4_1"},{"issue":"3","key":"302_CR83","doi-asserted-by":"publisher","first-page":"55","DOI":"10.3390\/fi12030055","volume":"12","author":"G Nebbione","year":"2020","unstructured":"Nebbione G, Calzarossa MC. Security of IoT application layer protocols: challenges and findings. Future Internet. 2020;12(3):55.","journal-title":"Future Internet"},{"key":"302_CR84","doi-asserted-by":"publisher","first-page":"97197","DOI":"10.1109\/ACCESS.2022.3205351","volume":"10","author":"M Abbasi","year":"2022","unstructured":"Abbasi M, Plaza-Hernandez M, Prieto J, Corchado JM. Security in the internet of things application layer: requirements, threats, and solutions. IEEE Access. 2022;10:97197\u2013216.","journal-title":"IEEE Access"},{"key":"302_CR85","unstructured":"Shodan. Shodan Search Engine. https:\/\/www.shodan.io\/dashboard."},{"key":"302_CR86","unstructured":"Fiteruau-Brocstean P, Jonsson B, Merget R, De Ruiter J, Sagonas K, Somorovsky J. Analysis of DTLS implementations using protocol state fuzzing. In: USENIX Conference on Security Symposium; 2020."},{"issue":"2","key":"302_CR87","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3696788","volume":"57","author":"X Zhang","year":"2024","unstructured":"Zhang X, Zhang C, Li X, Du Z, Mao B, Li Y, et al. A survey of protocol fuzzing. ACM Comput Surv. 2024;57(2):1\u201336. https:\/\/doi.org\/10.1145\/3696788.","journal-title":"ACM Comput Surv"},{"key":"302_CR88","unstructured":"Ang KK, Ranasinghe DC. QUIC-Fuzz: an effective greybox fuzzer for the QUIC protocol. Available from: https:\/\/arxiv.org\/abs\/2503.19402."},{"key":"302_CR89","unstructured":"Helin A. HonggFuzz. https:\/\/github.com\/aoh\/radamsa."},{"key":"302_CR90","unstructured":"Rivas M. Fuzzowski network fuzzer. https:\/\/github.com\/nccgroup\/fuzzowski."},{"key":"302_CR91","unstructured":"Marcussen E. Doona\u2014network fuzzing tool. https:\/\/github.com\/wireghoul\/doona."}],"container-title":["Discover Internet of Things"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s43926-026-00302-0","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s43926-026-00302-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s43926-026-00302-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T03:01:14Z","timestamp":1776826874000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s43926-026-00302-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3,14]]},"references-count":91,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2026,12]]}},"alternative-id":["302"],"URL":"https:\/\/doi.org\/10.1007\/s43926-026-00302-0","relation":{},"ISSN":["2730-7239"],"issn-type":[{"value":"2730-7239","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3,14]]},"assertion":[{"value":"13 August 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 February 2026","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 March 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors state that no sensitive information about any users or vendors was collected or stored, and that no harm was caused to real-world systems or services during testing process.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethics approval and consent to participate"}},{"value":"Not Applicable.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Consent for publication"}},{"value":"The authors declare no competing interesst.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"54"}}