Advanced Security for NextG Mobile Networks: A Hybrid Fuzzing Approach

This paper presents HyFuzz, a hybrid intelligent fuzz testing platform designed to enhance the security validation of next generation (NextG) mobile networks. HyFuzz integrates symbolic formal analysis with adaptive fuzzing to enable the discovery of vulnerabilities that emerge from subtle state inconsistencies and session level command manipulations. Specifically, HyFuzz demonstrates support for multi step intra session fuzzing, where carefully crafted command sequences cause persistent state desynchronization between User Equipment (UE) and the network. Complementing this, HyFuzz employs formal guided deep fuzzing, directing fuzzing efforts to high risk protocol states identified by symbolic analysis. Through a dual mode architecture supporting both virtual (ZMQ) and over the air (OTA) fuzzing, HyFuzz provides an extensible testbed for low level and behavioral vulnerability discovery. Experimental results across 1,281 test cases reveal 1,105 failure instances, including stealthy failures that manifest only under extended interaction contexts. Our findings suggest HyFuzz provides a foundational capability toward more realistic and semantically rich vulnerability detection in modern mobile infrastructure.