{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T21:07:24Z","timestamp":1774472844804,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":26,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,8,25]],"date-time":"2020-08-25T00:00:00Z","timestamp":1598313600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Federal Ministry for Climate Action, Environment, Energy, Mobility, Innovation and Technology (BMK)"},{"name":"Province of Upper Austria"},{"name":"COMET - Competence Centers for Excellent Technologies Programme","award":["865891"],"award-info":[{"award-number":["865891"]}]},{"name":"Federal Ministry for Digital and Economic Affairs (BMDW)"},{"name":"Austrian Research Promotion Agency (FFG)","award":["863129"],"award-info":[{"award-number":["863129"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,8,25]]},"DOI":"10.1145\/3407023.3407078","type":"proceedings-article","created":{"date-parts":[[2020,7,30]],"date-time":"2020-07-30T16:32:52Z","timestamp":1596126772000},"page":"1-9","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["Automated security test generation for MQTT using attack patterns"],"prefix":"10.1145","author":[{"given":"Hannes","family":"Sochor","sequence":"first","affiliation":[{"name":"Software Competence Center Hagenberg GmbH (SCCH), Hagenberg, Austria"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Flavio","family":"Ferrarotti","sequence":"additional","affiliation":[{"name":"Software Competence Center Hagenberg GmbH (SCCH), Hagenberg, Austria"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rudolf","family":"Ramler","sequence":"additional","affiliation":[{"name":"Software Competence Center Hagenberg GmbH (SCCH), Hagenberg, Austria"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,8,25]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2015.2444095"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2013.02.061"},{"key":"e_1_3_2_1_3_1","unstructured":"Andrew Banks Ed Briggs Ken Borgendale and Rahul Gupta. [n.d.]. MQTT Version 5.0. OASIS Standard. https:\/\/docs.oasis-open.org\/mqtt\/mqtt\/v5.0\/mqtt-v5.0.html  Andrew Banks Ed Briggs Ken Borgendale and Rahul Gupta. [n.d.]. MQTT Version 5.0. OASIS Standard. https:\/\/docs.oasis-open.org\/mqtt\/mqtt\/v5.0\/mqtt-v5.0.html"},{"key":"e_1_3_2_1_4_1","unstructured":"Andrew Banks and Rahul Gupta. [n.d.]. MQTT Version 3.1.1. OASIS Standard. http:\/\/docs.oasis-open.org\/mqtt\/mqtt\/v3.1.1\/mqtt-v3.1.1.html  Andrew Banks and Rahul Gupta. [n.d.]. MQTT Version 3.1.1. OASIS Standard. http:\/\/docs.oasis-open.org\/mqtt\/mqtt\/v3.1.1\/mqtt-v3.1.1.html"},{"key":"e_1_3_2_1_5_1","volume-title":"Security Testing Based on Attack Patterns. In Seventh IEEE International Conference on Software Testing, Verification and Validation, ICST 2014 Workshops Proceedings","author":"Bozic Josip","year":"2014","unstructured":"Josip Bozic and Franz Wotawa . 2014 . Security Testing Based on Attack Patterns. In Seventh IEEE International Conference on Software Testing, Verification and Validation, ICST 2014 Workshops Proceedings , March 31 - April 4, 2014, Cleveland, Ohio, USA. IEEE Computer Society, 4--11. Josip Bozic and Franz Wotawa. 2014. Security Testing Based on Attack Patterns. In Seventh IEEE International Conference on Software Testing, Verification and Validation, ICST 2014 Workshops Proceedings, March 31 - April 4, 2014, Cleveland, Ohio, USA. IEEE Computer Society, 4--11."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2017.2737630"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/857076.857078"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11277-011-0385-5"},{"key":"e_1_3_2_1_9_1","unstructured":"HiveMQ. [n.d.]. Enterprise MQTT Broker. https:\/\/www.hivemq.com\/downloads\/hivemq-data-sheet-4.2.pdf.  HiveMQ. [n.d.]. Enterprise MQTT Broker. https:\/\/www.hivemq.com\/downloads\/hivemq-data-sheet-4.2.pdf."},{"key":"e_1_3_2_1_10_1","unstructured":"HiveMQ. [n.d.]. Security Fundamentals. https:\/\/www.hivemq.com\/blog\/mqtt-security-fundamentals-authentication-username-password\/.  HiveMQ. [n.d.]. Security Fundamentals. https:\/\/www.hivemq.com\/blog\/mqtt-security-fundamentals-authentication-username-password\/."},{"key":"e_1_3_2_1_11_1","volume-title":"Exploiting Software: How to Break Code","author":"Hoglund Greg","year":"2004","unstructured":"Greg Hoglund and Gary McGraw . 2004 . Exploiting Software: How to Break Code . Addison Wesley . Greg Hoglund and Gary McGraw. 2004. Exploiting Software: How to Break Code. Addison Wesley."},{"key":"e_1_3_2_1_12_1","volume-title":"2017 International Conference on Mathematics and Information Technology (ICMIT). IEEE Computer Society, 214--221","author":"Houimli M.","unstructured":"M. Houimli , L. Kahloul , and S. Benaoun . 2017. Formal specification, verification and evaluation of the MQTT protocol in the Internet of Things . In 2017 International Conference on Mathematics and Information Technology (ICMIT). IEEE Computer Society, 214--221 . M. Houimli, L. Kahloul, and S. Benaoun. 2017. Formal specification, verification and evaluation of the MQTT protocol in the Internet of Things. In 2017 International Conference on Mathematics and Information Technology (ICMIT). IEEE Computer Society, 214--221."},{"key":"e_1_3_2_1_13_1","volume-title":"Using Exploit Patterns to Develop Secure Software. VSRD International Journal of Computer Science & Information Technology 3 (01","author":"Khan Rizwan","year":"2013","unstructured":"Rizwan Khan and Santosh Kumar . 2013. Using Exploit Patterns to Develop Secure Software. VSRD International Journal of Computer Science & Information Technology 3 (01 2013 ), 257--260. Rizwan Khan and Santosh Kumar. 2013. Using Exploit Patterns to Develop Secure Software. VSRD International Journal of Computer Science & Information Technology 3 (01 2013), 257--260."},{"key":"e_1_3_2_1_14_1","volume-title":"Connectivity Frameworks for Smart Devices. Computer Communications and Networks","author":"Manzoor Amir","unstructured":"Amir Manzoor . 2016. Securing Device Connectivity in the Industrial Internet of Things (IoT) . In Connectivity Frameworks for Smart Devices. Computer Communications and Networks . Springer , Cham , 3--22. Amir Manzoor. 2016. Securing Device Connectivity in the Industrial Internet of Things (IoT). In Connectivity Frameworks for Smart Devices. Computer Communications and Networks. Springer, Cham, 3--22."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/EISIC.2017.20"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/WiMOB.2014.6962166"},{"key":"e_1_3_2_1_19_1","volume-title":"Companion to the 22nd ACM SIGPLAN conference on Object-oriented programming systems and applications companion. 815--816.","author":"Pacheco Carlos","unstructured":"Carlos Pacheco and Michael D Ernst . 2007. Randoop: feedback-directed random testing for Java . In Companion to the 22nd ACM SIGPLAN conference on Object-oriented programming systems and applications companion. 815--816. Carlos Pacheco and Michael D Ernst. 2007. Randoop: feedback-directed random testing for Java. In Companion to the 22nd ACM SIGPLAN conference on Object-oriented programming systems and applications companion. 815--816."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2017.07.005"},{"key":"e_1_3_2_1_21_1","volume-title":"MQTT Security: A Novel Fuzzing Approach. Wireless Communications and Mobile Computing 2018","author":"Ramos Santiago Hern\u00e1ndez","year":"2018","unstructured":"Santiago Hern\u00e1ndez Ramos , M. Teresa Villalba , and Raquel Lacuesta . 2018. MQTT Security: A Novel Fuzzing Approach. Wireless Communications and Mobile Computing 2018 ( 2018 ). Santiago Hern\u00e1ndez Ramos, M. Teresa Villalba, and Raquel Lacuesta. 2018. MQTT Security: A Novel Fuzzing Approach. Wireless Communications and Mobile Computing 2018 (2018)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2016.7860532"},{"key":"e_1_3_2_1_23_1","volume-title":"Fifth International Conference on Communication Systems and Network Technologies. IEEE, 746--751","author":"Singh M.","unstructured":"M. Singh , M. A. Rajan , V. L. Shivraj , and P. Balamuralidhar . 2015. Secure MQTT for Internet of Things (IoT) . In Fifth International Conference on Communication Systems and Network Technologies. IEEE, 746--751 . M. Singh, M. A. Rajan, V. L. Shivraj, and P. Balamuralidhar. 2015. Secure MQTT for Internet of Things (IoT). In Fifth International Conference on Communication Systems and Network Technologies. IEEE, 746--751."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-59028-4_5"},{"key":"e_1_3_2_1_25_1","volume-title":"GIoTS 2019","author":"Su Wei-Tsung","year":"2019","unstructured":"Wei-Tsung Su , Wei-Cheng Chen , and Chao-Chun Chen . 2019 . An Extensible and Transparent Thing-to-Thing Security Enhancement for MQTT Protocol in IoT Environment. In 2019 Global IoT Summit , GIoTS 2019 , Aarhus, Denmark , June 17-21, 2019. IEEE, 1--4. Wei-Tsung Su, Wei-Cheng Chen, and Chao-Chun Chen. 2019. An Extensible and Transparent Thing-to-Thing Security Enhancement for MQTT Protocol in IoT Environment. In 2019 Global IoT Summit, GIoTS 2019, Aarhus, Denmark, June 17-21, 2019. IEEE, 1--4."},{"key":"e_1_3_2_1_26_1","volume-title":"Fuzzing for software security testing and quality assurance","author":"Takanen Ari","unstructured":"Ari Takanen , Jared D Demott , Charles Miller , and Atte Kettunen . 2018. Fuzzing for software security testing and quality assurance . Artech House . Ari Takanen, Jared D Demott, Charles Miller, and Atte Kettunen. 2018. Fuzzing for software security testing and quality assurance. Artech House."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICST.2017.32"},{"key":"e_1_3_2_1_28_1","volume-title":"How to Break Software: A Practical Guide to Testing","author":"Whittaker James A","unstructured":"James A Whittaker . 2002. How to Break Software: A Practical Guide to Testing . Addison-Wesley Longman Publishing . James A Whittaker. 2002. How to Break Software: A Practical Guide to Testing. Addison-Wesley Longman Publishing."}],"event":{"name":"ARES 2020: The 15th International Conference on Availability, Reliability and Security","location":"Virtual Event Ireland","acronym":"ARES 2020"},"container-title":["Proceedings of the 15th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3407023.3407078","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3407023.3407078","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T21:24:42Z","timestamp":1750195482000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3407023.3407078"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,8,25]]},"references-count":26,"alternative-id":["10.1145\/3407023.3407078","10.1145\/3407023"],"URL":"https:\/\/doi.org\/10.1145\/3407023.3407078","relation":{},"subject":[],"published":{"date-parts":[[2020,8,25]]},"assertion":[{"value":"2020-08-25","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}