Modern web browsers are feature rich software applications available for different platforms ranging from home computers to mobile phones and modern TVs. Because of this variety, the security testing of web browsers is a diverse field of research. Typical publicly available tools for browser security testing are fuzz test case generators designed to target a single feature of a browser on a single platform. This work introduces a cross-platform testing harness for browser fuzz testing, called NodeFuzz. In the design of NodeFuzz, test case generators and instrumentation are separated from the core into separate modules. This allows the user to implement feature specific test case generators and platform specific instrumentations, and to execute those in different combinations. During development, NodeFuzz was tested with ten different test case generators and six different instrumentation modules. Over 50 vulnerabilities were uncovered from the tested web browsers during the development and testing of NodeFuzz.
| Identifer | oai:union.ndltd.org:oulo.fi/oai:oulu.fi:nbnfioulu-201504161396 |
| Date | 20 April 2015 |
| Creators | Kettunen, A. (Atte) |
| Publisher | University of Oulu |
| Source Sets | University of Oulu |
| Language | English |
| Detected Language | English |
| Type | info:eu-repo/semantics/masterThesis, info:eu-repo/semantics/publishedVersion |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess, © Atte Kettunen, 2014 |
Page generated in 0.0024 seconds