{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,11]],"date-time":"2026-04-11T02:14:40Z","timestamp":1775873680614,"version":"3.50.1"},"reference-count":60,"publisher":"Association for Computing Machinery (ACM)","issue":"ISSTA","license":[{"start":{"date-parts":[[2025,6,22]],"date-time":"2025-06-22T00:00:00Z","timestamp":1750550400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"National Science Foundation","award":["SHF-1901242, SHF-1910300, Proto-OKN 2333736, IIS-2416835"],"award-info":[{"award-number":["SHF-1901242, SHF-1910300, Proto-OKN 2333736, IIS-2416835"]}]},{"DOI":"10.13039\/100000185","name":"DARPA","doi-asserted-by":"crossref","award":["VSPELLS - HR001120S0058"],"award-info":[{"award-number":["VSPELLS - HR001120S0058"]}],"id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"crossref"}]},{"name":"ONR","award":["N00014-23-1-2081"],"award-info":[{"award-number":["N00014-23-1-2081"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Proc. ACM Softw. Eng."],"published-print":{"date-parts":[[2025,6,22]]},"abstract":"<jats:p>Validating the correctness of network protocol implementations is highly challenging due to the oracle and traceability problems. The former determines when a protocol implementation can be considered buggy, especially when the bugs do not cause any observable symptoms. The latter allows developers to understand how an implementation violates the protocol specification, thereby facilitating bug fixes. Unlike existing works that rarely take both problems into account, this work considers both and provides an effective solution using recent advances in large language models (LLMs). Our key observation is that network protocols are often released with structured specification documents, a.k.a. RFC documents, which can be systematically translated to formal protocol message specifications via LLMs. Such specifications, which may contain errors due to the hallucination of LLMs, are used as a quasi-oracle to validate protocol parsers, while the validation results in return gradually refine the oracle. Since the oracle is derived from the document, any bugs we find in a protocol implementation can be traced back to the document, thus addressing the traceability problem. We have extensively evaluated our approach using nine network protocols and their implementations written in C, Python, and Go. The results show that our approach outperforms the state-of-the-art and has detected 69 bugs, with 36 confirmed. The project also demonstrates the potential for fully automating software validation based on natural language specifications, a process previously considered predominantly manual due to the need to understand specification documents and derive expected outputs for test inputs.<\/jats:p>","DOI":"10.1145\/3728955","type":"journal-article","created":{"date-parts":[[2025,6,22]],"date-time":"2025-06-22T10:52:56Z","timestamp":1750589576000},"page":"1772-1794","source":"Crossref","is-referenced-by-count":5,"title":["Validating Network Protocol Parsers with Traceable RFC Document Interpretation"],"prefix":"10.1145","volume":"2","author":[{"ORCID":"https:\/\/orcid.org\/0009-0003-6032-6045","authenticated-orcid":false,"given":"Mingwei","family":"Zheng","sequence":"first","affiliation":[{"name":"Purdue University, West Lafayette, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4359-4625","authenticated-orcid":false,"given":"Danning","family":"Xie","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8297-8998","authenticated-orcid":false,"given":"Qingkai","family":"Shi","sequence":"additional","affiliation":[{"name":"Nanjing University, Nanjing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0617-5322","authenticated-orcid":false,"given":"Chengpeng","family":"Wang","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9544-2500","authenticated-orcid":false,"given":"Xiangyu","family":"Zhang","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette, USA"}]}],"member":"320","published-online":{"date-parts":[[2025,6,22]]},"reference":[{"key":"e_1_2_1_1_1","unstructured":"1981. RFC 793 - Transmission Control Protocol. https:\/\/www.rfc-editor.org\/rfc\/rfc793.html"},{"key":"e_1_2_1_2_1","unstructured":"2024. Go Networking. https:\/\/github.com\/golang\/net"},{"key":"e_1_2_1_3_1","unstructured":"2024. IETF DataTracker. https:\/\/datatracker.ietf.org"},{"key":"e_1_2_1_4_1","unstructured":"2024. Impacket. https:\/\/github.com\/fortra\/impacket"},{"key":"e_1_2_1_5_1","unstructured":"2024. Internet Standard. https:\/\/en.wikipedia.org\/wiki\/Internet_Standard"},{"key":"e_1_2_1_6_1","unstructured":"Fernando Arnaboldi. 2023. XDiFF. https:\/\/github.com\/IOActive\/XDiFF"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-80889-0_17"},{"key":"e_1_2_1_8_1","unstructured":"babeld. 2024. babeld. https:\/\/github.com\/jech\/babeld"},{"key":"e_1_2_1_9_1","volume-title":"Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201908)","author":"Cadar Cristian","unstructured":"Cristian Cadar, Daniel Dunbar, and Dawson R. Engler. 2008. KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs. In Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation (OSDI \u201908). USENIX, 209\u2013224. https:\/\/www.usenix.org\/conference\/osdi-08\/klee-unassisted-and-automatic-generation-high-coverage-tests-complex-systems"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2003.1201217"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.40"},{"key":"e_1_2_1_12_1","unstructured":"FRR community. 2024. The FRRouting protocol suite. https:\/\/github.com\/FRRouting\/frr"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-78800-3_24"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598067"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/967900.968063"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3649825"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSNet64211.2024.10851734"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","unstructured":"Mingyang Geng Shangwen Wang Dezun Dong Haotian Wang Ge Li Zhi Jin Xiaoguang Mao and Xiangke Liao. 2023. An Empirical Study on Using Large Language Models for Multi-Intent Comment Generation. arXiv preprint arXiv:2304.11384 https:\/\/doi.org\/10.48550\/ARXIV.2304.11384 10.48550\/ARXIV.2304.11384","DOI":"10.48550\/ARXIV.2304.11384"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2093548.2093564"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","unstructured":"Jinyao Guo Chengpeng Wang Xiangzhe Xu Zian Su and Xiangyu Zhang. 2025. RepoAudit: An Autonomous LLM-Agent for Repository-Level Code Auditing. arXiv preprint arXiv:2501.18160 https:\/\/doi.org\/10.48550\/ARXIV.2501.18160 10.48550\/ARXIV.2501.18160","DOI":"10.48550\/ARXIV.2501.18160"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00125"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00194"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3649828"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.48550\/ARXIV.2308.00245"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3691620.3695331"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3575693.3575731"},{"key":"e_1_2_1_27_1","volume-title":"Evaluating Language Models for Efficient Code Generation. In First Conference on Language Modeling (COLM \u201924)","author":"Liu Jiawei","year":"2024","unstructured":"Jiawei Liu, Songrun Xie, Junhao Wang, Yuxiang Wei, Yifeng Ding, and Lingming Zhang. 2024. Evaluating Language Models for Efficient Code Generation. In First Conference on Language Modeling (COLM \u201924). https:\/\/openreview.net\/forum?id=IBCBMeAhmC"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3652620.3687811"},{"key":"e_1_2_1_29_1","volume-title":"Proceedings of the 33rd USENIX Conference on Security Symposium (USENIX Security \u201924)","author":"Ma Xiaoyue","year":"2024","unstructured":"Xiaoyue Ma, Lannan Luo, and Qiang Zeng. 2024. From One Thousand Pages of Specification to Unveiling Hidden Bugs: Large Language Model Assisted Fuzzing of Matter IoT Devices. In Proceedings of the 33rd USENIX Conference on Security Symposium (USENIX Security \u201924). USENIX, 4783\u20134800. https:\/\/www.usenix.org\/conference\/usenixsecurity24\/presentation\/ma-xiaoyue"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3487552.3487821"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2024.24556"},{"key":"e_1_2_1_32_1","unstructured":"MITRE. 2022. CWE Top 25 Most Dangerous Software Weaknesses. https:\/\/cwe.mitre.org\/top25\/archive\/2022\/2022_cwe_top25.html"},{"key":"e_1_2_1_33_1","unstructured":"MITRE. 2024. CWE-20: Improper Input Validation. https:\/\/cwe.mitre.org\/data\/definitions\/20.html"},{"key":"e_1_2_1_34_1","volume-title":"Proceedings of the 1st Conference on Symposium on Networked Systems Design and Implementation (NSDI \u201924)","author":"Musuvathi Madanlal","unstructured":"Madanlal Musuvathi and Dawson R. Engler. 2004. Model Checking Large Network Protocol Implementations. In Proceedings of the 1st Conference on Symposium on Networked Systems Design and Implementation (NSDI \u201924). USENIX, 155\u2013168. http:\/\/www.usenix.org\/events\/nsdi04\/tech\/musuvathi.html"},{"key":"e_1_2_1_35_1","unstructured":"OpenAI. 2024. GPT-4o. https:\/\/platform.openai.com\/docs\/models\/gpt-4o"},{"key":"e_1_2_1_36_1","unstructured":"Joshua Pereyda. 2023. BooFuzz. https:\/\/github.com\/jtpereyda\/boofuzz"},{"key":"e_1_2_1_37_1","volume-title":"Proceedings of the 28th USENIX Conference on Security Symposium, Nadia Heninger and Patrick Traynor (Eds.) (USENIX Security \u201919)","author":"Ramananandro Tahina","year":"2019","unstructured":"Tahina Ramananandro, Antoine Delignat-Lavaud, C\u00e9dric Fournet, Nikhil Swamy, Tej Chajed, Nadim Kobeissi, and Jonathan Protzenko. 2019. EverParse: Verified Secure Zero-Copy Parsers for Authenticated Message Formats. In Proceedings of the 28th USENIX Conference on Security Symposium, Nadia Heninger and Patrick Traynor (Eds.) (USENIX Security \u201919). USENIX, 1465\u20131482. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/delignat-lavaud"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427662"},{"key":"e_1_2_1_39_1","unstructured":"Microsoft Research. 2020. everparse. https:\/\/project-everest.github.io\/everparse\/3d-lang.html"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICST53961.2022.00035"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3643769"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616614"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/3192366.3192418"},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00188"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/3519939.3523708"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.5555\/1267336.1267350"},{"key":"e_1_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3660816"},{"key":"e_1_2_1_48_1","unstructured":"Chengpeng Wang Wuqi Zhang Zian Su Xiangzhe Xu Xiaoheng Xie and Xiangyu Zhang. 2024. LLMDFA: Analyzing Dataflow in Code with Large Language Models. In Advances in Neural Information Processing Systems 38: Annual Conference on Neural Information Processing Systems Amir Globersons Lester Mackey Danielle Belgrave Angela Fan Ulrich Paquet Jakub M. Tomczak and Cheng Zhang (Eds.) (NeurIPS \u201924). http:\/\/papers.nips.cc\/paper_files\/paper\/2024\/hash\/ed9dcde1eb9c597f68c1d375bbecf3fc-Abstract-Conference.html"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2024.findings-emnlp.217"},{"key":"e_1_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00211"},{"key":"e_1_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-65630-9_16"},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598135"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3639121"},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","unstructured":"Danning Xie Byungwoo Yoo Nan Jiang Mijung Kim Lin Tan Xiangyu Zhang and Judy S Lee. 2023. Impact of Large Language Models on Generating Software Specifications. arXiv preprint arXiv:2306.03324 https:\/\/doi.org\/10.48550\/ARXIV.2306.03324 10.48550\/ARXIV.2306.03324","DOI":"10.48550\/ARXIV.2306.03324"},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/3689736"},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","unstructured":"Zhe Yang Hao Peng Yanling Jiang Xingwei Li Haohua Du Shuhai Wang and Jianwei Liu. 2025. ChatHTTPFuzz: large language model-assisted IoT HTTP fuzzing. International Journal of Machine Learning and Cybernetics 1\u201322. https:\/\/doi.org\/10.1007\/s13042-024-02527-3 10.1007\/s13042-024-02527-3","DOI":"10.1007\/s13042-024-02527-3"},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3650212.3680384"},{"key":"e_1_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/3649854"},{"key":"e_1_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE51524.2021.9678600"},{"key":"e_1_2_1_60_1","doi-asserted-by":"publisher","unstructured":"Qihao Zhu Daya Guo Zhihong Shao Dejian Yang Peiyi Wang Runxin Xu Y Wu Yukun Li Huazuo Gao and Shirong Ma. 2024. DeepSeek-Coder-V2: Breaking the Barrier of Closed-Source Models in Code Intelligence. arXiv preprint arXiv:2406.11931 https:\/\/doi.org\/10.48550\/ARXIV.2406.11931 10.48550\/ARXIV.2406.11931","DOI":"10.48550\/ARXIV.2406.11931"}],"container-title":["Proceedings of the ACM on Software Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3728955","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3728955","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,16]],"date-time":"2025-07-16T16:48:58Z","timestamp":1752684538000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3728955"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,22]]},"references-count":60,"journal-issue":{"issue":"ISSTA","published-print":{"date-parts":[[2025,6,22]]}},"alternative-id":["10.1145\/3728955"],"URL":"https:\/\/doi.org\/10.1145\/3728955","relation":{},"ISSN":["2994-970X"],"issn-type":[{"value":"2994-970X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,6,22]]}}}