Colloquium lecture: January 20, 2026, Rachana Kafle (Betreuer: Al Sardy)
MQRL-Fuzzer: A Deep Reinforcement Learning-Based Fuzzer for IoT Protocols Applied to MQTT
The rising adoption of IoT systems in critical sectors such as smart homes, industrial automation, and healthcare has led to an increased reliance on lightweight communication protocols like MQTT. These protocols, while efficient, are often stateful and complex, posing significant challenges for traditional fuzzing techniques that fail to explore deep protocol states or multi-stage interactions. As these protocols become common in safety-critical applications, the discovery of hidden, state-dependent vulnerabilities becomes essential to ensuring system reliability and security.
This thesis aims to develop a robust and intelligent fuzzing framework for communication protocols, primarily MQTT, but extendable to others, leveraging reinforcement learning (RL) to drive state-aware mutation and input generation. The core objectives are:
- To build an RL-guided fuzzing system capable of discovering stateful and complex protocol vulnerabilities.
- To integrate real-world MQTT datasets for accurate modeling of protocol behavior and realistic multi-stage message sequences.
- To evaluate the RL approach against established fuzzers (AFL++, Boofuzz, Honggfuzz) in terms of code coverage, unique crashes, stateful bug discovery, and efficiency.
- To lay the groundwork for generalizing this approach to other IoT protocols beyond MQTT.
Time: 10:15 a.m.
Room 04.137, Martensstr. 3, Erlangen
or
Zoom-Meeting:
https://fau.zoom-x.de/j/68350702053?pwd=UkF3aXY0QUdjeSsyR0tyRWtLQ0hYUT09
Meeting-ID: 683 5070 2053
Kenncode: 647333