{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T02:13:13Z","timestamp":1773713593403,"version":"3.50.1"},"reference-count":43,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"2","license":[{"start":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T00:00:00Z","timestamp":1772323200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T00:00:00Z","timestamp":1772323200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T00:00:00Z","timestamp":1772323200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"name":"Key Research and Development Projects of Sichuan Province","award":["2022ZDZX0006"],"award-info":[{"award-number":["2022ZDZX0006"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Dependable and Secure Comput."],"published-print":{"date-parts":[[2026,3]]},"DOI":"10.1109\/tdsc.2025.3634366","type":"journal-article","created":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T18:48:19Z","timestamp":1763491699000},"page":"3222-3237","source":"Crossref","is-referenced-by-count":0,"title":["CtrlFuzz: Control Field Aware Greybox Fuzzing for Public ICS Protocols Based on Expert System"],"prefix":"10.1109","volume":"23","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8454-996X","authenticated-orcid":false,"given":"Junqiang","family":"Li","sequence":"first","affiliation":[{"name":"Key Lab of Optical Fiber Sensing and Communications (Ministry of Education), University of Electronic Science and Technology of China, Chengdu, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lindong","family":"Peng","sequence":"additional","affiliation":[{"name":"Key Lab of Optical Fiber Sensing and Communications (Ministry of Education), University of Electronic Science and Technology of China, Chengdu, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5219-1780","authenticated-orcid":false,"given":"Hongfang","family":"Yu","sequence":"additional","affiliation":[{"name":"Key Lab of Optical Fiber Sensing and Communications (Ministry of Education), University of Electronic Science and Technology of China, Chengdu, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9165-8331","authenticated-orcid":false,"given":"Ting","family":"Chen","sequence":"additional","affiliation":[{"name":"Center for Cybersecurity, University of Electronic Science and Technology of China, Chengdu, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Deming","family":"Mao","sequence":"additional","affiliation":[{"name":"China Electronic Technology Cyber Security Company, Ltd., Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9886-1412","authenticated-orcid":false,"given":"Xiaosong","family":"Zhang","sequence":"additional","affiliation":[{"name":"Center for Cybersecurity, University of Electronic Science and Technology of China, Chengdu, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","article-title":"Modbus protocol","author":"Organization","year":"2024"},{"key":"ref2","article-title":"Win32\/industroyer: A new threat for industrial control systems","author":"Cherepanov","year":"2017"},{"key":"ref3","article-title":"AFLNWE","author":"Pham","year":"2020"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/ICST46399.2020.00062"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-022-10233-3"},{"key":"ref6","first-page":"3255","article-title":"Stateful greybox fuzzing","volume-title":"Proc. 31st USENIX Secur. Symp.","author":"Ba"},{"key":"ref7","article-title":"Peach fuzzing platform","author":"Eddington","year":"2021"},{"key":"ref8","article-title":"Boofuzz: A fork and successor of the sulley fuzzing framework","author":"Pereyda","year":"2024"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/DAC18074.2021.9586321"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/TCAD.2022.3201471"},{"key":"ref11","first-page":"4481","article-title":"Bleem: Packet sequence oriented fuzzing for protocol implementations","volume-title":"Proc. 32nd USENIX Secur. Symp.","author":"Luo"},{"key":"ref12","article-title":"Wireshark: The world\u2019s most popular network protocol analyzer","year":"2024"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.3390\/app14062409"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101677"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.6028\/nist.sp.800-82r2"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2022.3228076"},{"key":"ref17","article-title":"Common industrial protocol (CIP)","year":"2025"},{"key":"ref18","article-title":"Opener is an EtherNet\/IP stack for I\/O adapter devices","year":"2023"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/3580599"},{"key":"ref20","article-title":"Whole program LLVM","year":"2024"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2024.24556"},{"key":"ref22","article-title":"American fuzzy lop","author":"Zalewski","year":"2014"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/IECON55916.2024.10905724"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/3492321.3519591"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2022.3192991"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.14722\/bar.2022.23008"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/3533767.3534376"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2023.3318571"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/DAC18072.2020.9218603"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/2840724"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-016-0289-8"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2023.3326666"},{"key":"ref33","first-page":"1","article-title":"Discoverer: Automatic protocol reverse engineering from network traces","volume-title":"Proc. USENIX Secur. Symp.","author":"Cui"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2012.6459963"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2013.01.013"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM41043.2020.9155275"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24531"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM48880.2022.9796964"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616614"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315286"},{"key":"ref41","first-page":"1","article-title":"Automatic protocol format reverse engineering through context-aware monitored execution","volume-title":"Proc. Netw. Distrib. Syst. Secur. Symp.","author":"Lin"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23318"},{"key":"ref43","first-page":"7019","article-title":"Extracting protocol format as state machine via controlled static loop analysis","volume-title":"Proc. 32nd USENIX Secur. Symp.","author":"Shi"}],"container-title":["IEEE Transactions on Dependable and Secure Computing"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/8858\/11434575\/11251129.pdf?arnumber=11251129","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T01:15:52Z","timestamp":1773710152000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11251129\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3]]},"references-count":43,"journal-issue":{"issue":"2"},"URL":"https:\/\/doi.org\/10.1109\/tdsc.2025.3634366","relation":{},"ISSN":["1545-5971","1941-0018","2160-9209"],"issn-type":[{"value":"1545-5971","type":"print"},{"value":"1941-0018","type":"electronic"},{"value":"2160-9209","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3]]}}}