• DocumentCode
    473162
  • Title

    An Empirical Study for Security of Windows DLL Files Using Automated API Fuzz Testing

  • Author

    Choi, Younghan ; Kim, Hyoungchun ; Lee, Dohoon

  • Author_Institution
    Electron. & Telecommun. Res. Inst.(ETRI), Daejeon
  • Volume
    2
  • fYear
    2008
  • fDate
    17-20 Feb. 2008
  • Firstpage
    1473
  • Lastpage
    1475
  • Abstract
    Fuzz testing is a method that inserts an unexpected data into input of a software system and finds defects of it in order to perform security testing. In this paper , We proposed a novel methodology that performed API fuzz testing automatically and evaluated it for Windows system that most of people in the world used. We implemented an automated API fuzz testing tool that our methodology applied to. Using this tool, we experimented on 1,182 DLL files and 6,117 API functions in a system fold of Windows XP SP2. We found 177 faults in them. Among faults, 10 faults are related to control flow of a program.
  • Keywords
    application program interfaces; program testing; security of data; user interfaces; Windows DLL file security; application programming interface; automated API fuzz testing; software testing; Application software; Automatic testing; Data security; Electronic equipment testing; Performance evaluation; Prototypes; Software prototyping; Software systems; Software testing; System testing; Fuzz Testing; Software Testing; Windows;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Advanced Communication Technology, 2008. ICACT 2008. 10th International Conference on
  • Conference_Location
    Gangwon-Do
  • ISSN
    1738-9445
  • Print_ISBN
    978-89-5519-136-3
  • Type

    conf

  • DOI
    10.1109/ICACT.2008.4494042
  • Filename
    4494042
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=473162