Practical security testing using file fuzzing

Hyoungchun Kim; Younghan Choi; Dohoon Lee; Donghoon Lee

doi:10.1109/ICACT.2008.4494003

Practical security testing using file fuzzing

Hyoungchun Kim, Younghan Choi, Dohoon Lee, Donghoon Lee

School of Cybersecurity

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

5 Citations (Scopus)

Abstract

File Fuzzing is the method that inserts fault into general file and monitors the errors during executing the software with fault-inserted file. In this paper, we propose the practical methodology for security testing of software using two file fuzzing approaches. The methodology focuses on binary fields and TAGs(in markup language) of the file. And we show the practical applying to WMF and HTML file.

Original language	English
Title of host publication	10th International Conference on Advanced Communication Technology, ICACT 2008 - Proceedings
Pages	1304-1307
Number of pages	4
DOIs	https://doi.org/10.1109/ICACT.2008.4494003
Publication status	Published - 2008
Event	2008 10th International Conference on Advanced Communication Technology - Phoenix Park, Korea, Republic of Duration: 2008 Feb 17 → 2008 Feb 20

Publication series

Name	International Conference on Advanced Communication Technology, ICACT
Volume	2
ISSN (Print)	1738-9445

Other

Other	2008 10th International Conference on Advanced Communication Technology
Country/Territory	Korea, Republic of
City	Phoenix Park
Period	08/2/17 → 08/2/20

Keywords

File fuzzing
Security testing
Software testing

ASJC Scopus subject areas

Electrical and Electronic Engineering

Access to Document

10.1109/ICACT.2008.4494003

Cite this

Practical security testing using file fuzzing. / Kim, Hyoungchun; Choi, Younghan; Lee, Dohoon et al.
10th International Conference on Advanced Communication Technology, ICACT 2008 - Proceedings. 2008. p. 1304-1307 4494003 (International Conference on Advanced Communication Technology, ICACT; Vol. 2).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kim, H, Choi, Y, Lee, D & Lee, D 2008, Practical security testing using file fuzzing. in 10th International Conference on Advanced Communication Technology, ICACT 2008 - Proceedings., 4494003, International Conference on Advanced Communication Technology, ICACT, vol. 2, pp. 1304-1307, 2008 10th International Conference on Advanced Communication Technology, Phoenix Park, Korea, Republic of, 08/2/17. https://doi.org/10.1109/ICACT.2008.4494003

@inproceedings{ffe6567108cf4f018052f7825f270064,

title = "Practical security testing using file fuzzing",

abstract = "File Fuzzing is the method that inserts fault into general file and monitors the errors during executing the software with fault-inserted file. In this paper, we propose the practical methodology for security testing of software using two file fuzzing approaches. The methodology focuses on binary fields and TAGs(in markup language) of the file. And we show the practical applying to WMF and HTML file.",

keywords = "File fuzzing, Security testing, Software testing",

author = "Hyoungchun Kim and Younghan Choi and Dohoon Lee and Donghoon Lee",

year = "2008",

doi = "10.1109/ICACT.2008.4494003",

language = "English",

isbn = "9788955191356",

series = "International Conference on Advanced Communication Technology, ICACT",

pages = "1304--1307",

booktitle = "10th International Conference on Advanced Communication Technology, ICACT 2008 - Proceedings",

note = "2008 10th International Conference on Advanced Communication Technology ; Conference date: 17-02-2008 Through 20-02-2008",

}

TY - GEN

T1 - Practical security testing using file fuzzing

AU - Kim, Hyoungchun

AU - Choi, Younghan

AU - Lee, Dohoon

AU - Lee, Donghoon

PY - 2008

Y1 - 2008

N2 - File Fuzzing is the method that inserts fault into general file and monitors the errors during executing the software with fault-inserted file. In this paper, we propose the practical methodology for security testing of software using two file fuzzing approaches. The methodology focuses on binary fields and TAGs(in markup language) of the file. And we show the practical applying to WMF and HTML file.

AB - File Fuzzing is the method that inserts fault into general file and monitors the errors during executing the software with fault-inserted file. In this paper, we propose the practical methodology for security testing of software using two file fuzzing approaches. The methodology focuses on binary fields and TAGs(in markup language) of the file. And we show the practical applying to WMF and HTML file.

KW - File fuzzing

KW - Security testing

KW - Software testing

UR - http://www.scopus.com/inward/record.url?scp=44249107112&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=44249107112&partnerID=8YFLogxK

U2 - 10.1109/ICACT.2008.4494003

DO - 10.1109/ICACT.2008.4494003

M3 - Conference contribution

AN - SCOPUS:44249107112

SN - 9788955191356

T3 - International Conference on Advanced Communication Technology, ICACT

SP - 1304

EP - 1307

BT - 10th International Conference on Advanced Communication Technology, ICACT 2008 - Proceedings

T2 - 2008 10th International Conference on Advanced Communication Technology

Y2 - 17 February 2008 through 20 February 2008

ER -

Practical security testing using file fuzzing

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this