Paper Abstract and Keywords |
Presentation |
2016-11-25 14:40
A fuzz testing method cooperated with threat modeling Yasuhiko Nishio, Tadashi Shiroma (CCDS), Hiroyuki Inoue (CCDS/HCU) ICSS2016-41 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
The purpose of this study is to develop a fuzz testing method that can ensure the IoT security especially automotive system security. To ensure the system security, it is important to expose the system threats and to test along with them. We propose a fuzz testing method cooperated with threat modeling. Our study have two merits. First, engineer can learn the knowledge of threat modeling smoothly. Second, researcher can exchange their threat model to test data, especially, fuzzing data. We can derive the merits to develop a procedure that exchange the threat model to fuzz data via a threat meta-model made by XML format. Finally, we applied our method to real device and system, car navigation system and vulnerable Web system as two case study. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Threat Modeling / Fuzzing / Meta model / XML / Automotive system / Reverse engineering / / |
Reference Info. |
IEICE Tech. Rep., vol. 116, no. 328, ICSS2016-41, pp. 15-20, Nov. 2016. |
Paper # |
ICSS2016-41 |
Date of Issue |
2016-11-18 (ICSS) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ICSS2016-41 |
Conference Information |
Committee |
ICSS |
Conference Date |
2016-11-25 - 2016-11-25 |
Place (in Japanese) |
(See Japanese page) |
Place (in English) |
Institute of Information Security |
Topics (in Japanese) |
(See Japanese page) |
Topics (in English) |
Information and Communication System Security, etc. |
Paper Information |
Registration To |
ICSS |
Conference Code |
2016-11-ICSS |
Language |
Japanese |
Title (in Japanese) |
(See Japanese page) |
Sub Title (in Japanese) |
(See Japanese page) |
Title (in English) |
A fuzz testing method cooperated with threat modeling |
Sub Title (in English) |
|
Keyword(1) |
Threat Modeling |
Keyword(2) |
Fuzzing |
Keyword(3) |
Meta model |
Keyword(4) |
XML |
Keyword(5) |
Automotive system |
Keyword(6) |
Reverse engineering |
Keyword(7) |
|
Keyword(8) |
|
1st Author's Name |
Yasuhiko Nishio |
1st Author's Affiliation |
Connected Consumer Device Security Council (CCDS) |
2nd Author's Name |
Tadashi Shiroma |
2nd Author's Affiliation |
Connected Consumer Device Security Council (CCDS) |
3rd Author's Name |
Hiroyuki Inoue |
3rd Author's Affiliation |
Connected Consumer Device Security Council/Hiroshima City University (CCDS/HCU) |
4th Author's Name |
|
4th Author's Affiliation |
() |
5th Author's Name |
|
5th Author's Affiliation |
() |
6th Author's Name |
|
6th Author's Affiliation |
() |
7th Author's Name |
|
7th Author's Affiliation |
() |
8th Author's Name |
|
8th Author's Affiliation |
() |
9th Author's Name |
|
9th Author's Affiliation |
() |
10th Author's Name |
|
10th Author's Affiliation |
() |
11th Author's Name |
|
11th Author's Affiliation |
() |
12th Author's Name |
|
12th Author's Affiliation |
() |
13th Author's Name |
|
13th Author's Affiliation |
() |
14th Author's Name |
|
14th Author's Affiliation |
() |
15th Author's Name |
|
15th Author's Affiliation |
() |
16th Author's Name |
|
16th Author's Affiliation |
() |
17th Author's Name |
|
17th Author's Affiliation |
() |
18th Author's Name |
|
18th Author's Affiliation |
() |
19th Author's Name |
|
19th Author's Affiliation |
() |
20th Author's Name |
|
20th Author's Affiliation |
() |
Speaker |
Author-1 |
Date Time |
2016-11-25 14:40:00 |
Presentation Time |
25 minutes |
Registration for |
ICSS |
Paper # |
ICSS2016-41 |
Volume (vol) |
vol.116 |
Number (no) |
no.328 |
Page |
pp.15-20 |
#Pages |
6 |
Date of Issue |
2016-11-18 (ICSS) |
|