{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T09:27:52Z","timestamp":1761989272681,"version":"3.28.0"},"reference-count":40,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018,10]]},"DOI":"10.1109\/ccst.2018.8585565","type":"proceedings-article","created":{"date-parts":[[2018,12,24]],"date-time":"2018-12-24T23:55:13Z","timestamp":1545695713000},"page":"1-5","source":"Crossref","is-referenced-by-count":7,"title":["Maximizing and Leveraging Behavioral Discrepancies in TLS Implementations using Response-Guided Differential Fuzzing"],"prefix":"10.1109","author":[{"given":"Andreas","family":"Walz","sequence":"first","affiliation":[]},{"given":"Axel","family":"Sikora","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"journal-title":"TLS-Attacker A Java-based Framework for Analyzing TLS Libraries","year":"0","key":"ref39"},{"journal-title":"WolfSSL Embedded SSL Library for Applications Devices IoT and the Cloud","year":"0","key":"ref38"},{"journal-title":"LibreSSL A version of the TLS\/crypto stack forked from OpenSSL in 2014","year":"0","key":"ref33"},{"journal-title":"BoringSSL A Fork of OpenSSL that is Designed to Meet Google's Needs","year":"0","key":"ref32"},{"journal-title":"BearSSL A smaller SSL\/TLS Library","year":"0","author":"pornin","key":"ref31"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1002\/(SICI)1099-1689(199912)9:4<263::AID-STVR190>3.0.CO;2-Y"},{"journal-title":"OpenSSL cryptography library","year":"0","key":"ref37"},{"journal-title":"Network Security Services (NSS) A set of libraries designed to support cross-platform development of security-enabled client and server applications","year":"0","key":"ref36"},{"journal-title":"mbedTLS An open source portable easy to use readable and flexible SSL library","year":"0","key":"ref35"},{"journal-title":"MatrixSSL Lightweight Embedded SSL\/TLS Implementation for IoT Devices","year":"0","key":"ref34"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.58"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/IDAACS.2017.8095200"},{"key":"ref11","first-page":"223","article-title":"Not-Quite-So-Broken TLS: Lessons in Re-Engineering a Security Protocol Specification and Implementation","author":"kaloper-mer\u0161injak","year":"2015","journal-title":"24th USENIX Security Symposium (USENIX Security 15)"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978411"},{"key":"ref13","first-page":"193","article-title":"Protocol State Fuzzing of TLS Implementations","author":"de ruiter","year":"2015","journal-title":"24th USENIX Security Symposium (USENIX Security 15)"},{"key":"ref14","doi-asserted-by":"crossref","first-page":"535","DOI":"10.1109\/SP.2015.39","article-title":"A Messy State of the Union: Taming the Composite State Machines of TLS","author":"beurdouche","year":"2015","journal-title":"Proc of IEEE Symposium on Security and Privacy 2015"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/ICSTW.2017.63"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/96267.96279"},{"key":"ref17","article-title":"Fuzzing: The State of the Art","author":"mcnally","year":"2012","journal-title":"Australian Government Department of Defence Tech Rep AR-015&#x2013;148"},{"key":"ref18","first-page":"100","article-title":"Differential Testing for Software","volume":"10","author":"mckeeman","year":"1998","journal-title":"Digital Technical Journal"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455806"},{"journal-title":"American Fuzzy Lop (AFL)","year":"0","key":"ref28"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.14"},{"key":"ref27","article-title":"Angora: efficient fuzzing by principled search","author":"peng chen","year":"2018","journal-title":"IEEE Symposium on Security and Privacy"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.17487\/rfc7457"},{"journal-title":"How to Prevent the next Heartbleed","year":"2014","author":"wheeler","key":"ref6"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/3180155.3180226"},{"journal-title":"CVE-2014&#x2013;0160","article-title":"OpenSSL &#x2018;Heartbleed&#x2019; vulnerability","year":"2013","key":"ref5"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/2133375.2133378"},{"key":"ref7","article-title":"Exploiting Dissent: Towards Fuzzing-based Differential Black Box Testing of TLS Implementations","author":"walz","year":"2017","journal-title":"To appear in IEEE Transactions on Dependable and Secure Computing"},{"key":"ref2","article-title":"Lessons Learned From Previous SSL\/TLS Attacks - A Brief Chronology Of Attacks And Weaknesses","author":"meyer","year":"2013","journal-title":"Cryptology EPrint Archive Report 2013\/496"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.37"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.17487\/rfc5246"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/1993498.1993532"},{"key":"ref22","first-page":"793","article-title":"Guided Differential Testing of Certificate Validation in SSL\/TLS Implementations","author":"chen","year":"2015","journal-title":"Proc 10th ACM Symp on Found Softw Eng"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.15"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978383"},{"key":"ref23","doi-asserted-by":"crossref","first-page":"85","DOI":"10.1145\/2908080.2908095","article-title":"Coverage-directed Differential Testing of JVM Implementations","author":"chen","year":"2016","journal-title":"Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation ser PLDI &#x2018;16"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.27"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.46"}],"event":{"name":"2018 International Carnahan Conference on Security Technology (ICCST)","start":{"date-parts":[[2018,10,22]]},"location":"Montreal, QC","end":{"date-parts":[[2018,10,25]]}},"container-title":["2018 International Carnahan Conference on Security Technology (ICCST)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8573569\/8585426\/08585565.pdf?arnumber=8585565","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,27]],"date-time":"2022-01-27T15:02:22Z","timestamp":1643295742000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8585565\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,10]]},"references-count":40,"URL":"https:\/\/doi.org\/10.1109\/ccst.2018.8585565","relation":{},"subject":[],"published":{"date-parts":[[2018,10]]}}}