Practical security testing using file fuzzing

Hyoungchun Kim, Younghan Choi, Dohoon Lee, Dong Hoon Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

8 Citations (Scopus)

Abstract

File Fuzzing is the method that inserts fault into general file and monitors the errors during executing the software with fault-inserted file. In this paper, we propose the practical methodology for security testing of software using two file fuzzing approaches. The methodology focuses on binary fields and TAGs(in markup language) of the file. And we show the practical applying to WMF and HTML file.

Original languageEnglish
Title of host publicationInternational Conference on Advanced Communication Technology, ICACT
Pages1304-1307
Number of pages4
Volume2
DOIs
Publication statusPublished - 2008 May 29
Event2008 10th International Conference on Advanced Communication Technology - Phoenix Park, Korea, Republic of
Duration: 2008 Feb 172008 Feb 20

Other

Other2008 10th International Conference on Advanced Communication Technology
CountryKorea, Republic of
CityPhoenix Park
Period08/2/1708/2/20

Fingerprint

Markup languages
HTML
Testing

Keywords

  • File fuzzing
  • Security testing
  • Software testing

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Cite this

Kim, H., Choi, Y., Lee, D., & Lee, D. H. (2008). Practical security testing using file fuzzing. In International Conference on Advanced Communication Technology, ICACT (Vol. 2, pp. 1304-1307). [4494003] https://doi.org/10.1109/ICACT.2008.4494003

Practical security testing using file fuzzing. / Kim, Hyoungchun; Choi, Younghan; Lee, Dohoon; Lee, Dong Hoon.

International Conference on Advanced Communication Technology, ICACT. Vol. 2 2008. p. 1304-1307 4494003.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Kim, H, Choi, Y, Lee, D & Lee, DH 2008, Practical security testing using file fuzzing. in International Conference on Advanced Communication Technology, ICACT. vol. 2, 4494003, pp. 1304-1307, 2008 10th International Conference on Advanced Communication Technology, Phoenix Park, Korea, Republic of, 08/2/17. https://doi.org/10.1109/ICACT.2008.4494003
Kim H, Choi Y, Lee D, Lee DH. Practical security testing using file fuzzing. In International Conference on Advanced Communication Technology, ICACT. Vol. 2. 2008. p. 1304-1307. 4494003 https://doi.org/10.1109/ICACT.2008.4494003
Kim, Hyoungchun ; Choi, Younghan ; Lee, Dohoon ; Lee, Dong Hoon. / Practical security testing using file fuzzing. International Conference on Advanced Communication Technology, ICACT. Vol. 2 2008. pp. 1304-1307
@inproceedings{ffe6567108cf4f018052f7825f270064,
title = "Practical security testing using file fuzzing",
abstract = "File Fuzzing is the method that inserts fault into general file and monitors the errors during executing the software with fault-inserted file. In this paper, we propose the practical methodology for security testing of software using two file fuzzing approaches. The methodology focuses on binary fields and TAGs(in markup language) of the file. And we show the practical applying to WMF and HTML file.",
keywords = "File fuzzing, Security testing, Software testing",
author = "Hyoungchun Kim and Younghan Choi and Dohoon Lee and Lee, {Dong Hoon}",
year = "2008",
month = "5",
day = "29",
doi = "10.1109/ICACT.2008.4494003",
language = "English",
isbn = "9788955191356",
volume = "2",
pages = "1304--1307",
booktitle = "International Conference on Advanced Communication Technology, ICACT",

}

TY - GEN

T1 - Practical security testing using file fuzzing

AU - Kim, Hyoungchun

AU - Choi, Younghan

AU - Lee, Dohoon

AU - Lee, Dong Hoon

PY - 2008/5/29

Y1 - 2008/5/29

N2 - File Fuzzing is the method that inserts fault into general file and monitors the errors during executing the software with fault-inserted file. In this paper, we propose the practical methodology for security testing of software using two file fuzzing approaches. The methodology focuses on binary fields and TAGs(in markup language) of the file. And we show the practical applying to WMF and HTML file.

AB - File Fuzzing is the method that inserts fault into general file and monitors the errors during executing the software with fault-inserted file. In this paper, we propose the practical methodology for security testing of software using two file fuzzing approaches. The methodology focuses on binary fields and TAGs(in markup language) of the file. And we show the practical applying to WMF and HTML file.

KW - File fuzzing

KW - Security testing

KW - Software testing

UR - http://www.scopus.com/inward/record.url?scp=44249107112&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=44249107112&partnerID=8YFLogxK

U2 - 10.1109/ICACT.2008.4494003

DO - 10.1109/ICACT.2008.4494003

M3 - Conference contribution

SN - 9788955191356

VL - 2

SP - 1304

EP - 1307

BT - International Conference on Advanced Communication Technology, ICACT

ER -