A master thesis from Aalborg University
OIOFuzz: A Guided Model-based Blackbox Fuzzer for OIORASP Schematron Validation
Author(s)
Term
4. term
Education
Publication year
2023
Submitted on
2023-06-15
Pages
61 pages
Abstract
In this project we explored the potential for fuzzing OIORASP. OIORASP is an protocol for exchange of e-business documents and is an integral part of the Danish IT Infrastructure. The protocol uses the OIOUBL document standard for the documents sent. Fuzzing is an automatic test method where unexpected inputs are constructed and passed to the target program to observe if it trigger unexpected behavior. The target is narrowed in to the Schematron validation of the documents. We made OIOFuzz which is a prrof-of-concept implementation of a guided model-based blackbox fuzzer targeting OIORASP Schematron validation. OIOFuzz managed to find an error in the Schematron validation. Therefore we concluded that it is functional, but it also has room for improvement.
Keywords
Documents
Colophon: This page is part of the AAU Student Projects portal, which is run by Aalborg University. Here, you can find and download publicly available bachelor's theses and master's projects from across the university dating from 2008 onwards. Student projects from before 2008 are available in printed form at Aalborg University Library.
If you have any questions about AAU Student Projects or the research registration, dissemination and analysis at Aalborg University, please feel free to contact the VBN team. You can also find more information in the AAU Student Projects FAQs.