A Retrospective Analysis of a Rapid Review on Fuzz Security Testing for Software Implementation of Communication Protocols

Software implementations of communication protocols connect systems and services by allowing them to exchange data and information. The increasing request of secure connectivity and communication highlights the relevance of automated security testing techniques, such as fuzzing, to be applied during the software development. This paper provides the results of a retrospective analysis conducted on a rapid review about fuzz security testing for software implementations of communication protocols. By extending and generalizing the analysis documented in an existing work, this paper aims at collecting and presenting emerged evidences that: (a) characterize the target software implementations to be tested; (b) investigate what are the existing fuzzing testing techniques; and (c) explore which of them are supported by available tools. Our analysis, based on the examination of 80 scientific sources, conducted us to identify several evidences: (i) the existing fuzz techniques are mainly black-...