AAU Student Projects - visit Aalborg University's student projects portal
A master's thesis from Aalborg University
Book cover


OIOFuzz: A Guided Model-based Blackbox Fuzzer for OIORASP Schematron Validation

Authors

;

Term

4. term

Education

Computer Science, Master

Publication year

2023

Submitted on

Pages

61

Abstract

In this project we explored the potential for fuzzing OIORASP. OIORASP is an protocol for exchange of e-business documents and is an integral part of the Danish IT Infrastructure. The protocol uses the OIOUBL document standard for the documents sent. Fuzzing is an automatic test method where unexpected inputs are constructed and passed to the target program to observe if it trigger unexpected behavior. The target is narrowed in to the Schematron validation of the documents. We made OIOFuzz which is a prrof-of-concept implementation of a guided model-based blackbox fuzzer targeting OIORASP Schematron validation. OIOFuzz managed to find an error in the Schematron validation. Therefore we concluded that it is functional, but it also has room for improvement.

Keywords

Fuzzing

Documents

Download
View record in AAU Student Projects