A DOM-Based Fuzzing Method for Analyzing Seogwang Document Processing System in North Korea


KIPS Transactions on Computer and Communication Systems, Vol. 8, No. 5, pp. 119-126, May. 2019
https://doi.org/10.3745/KTCCS.2019.8.5.119,   PDF Download:
Keywords: Fuzzing, Document Object Model(DOM), Open Document Text(ODT), Seogwang Document Processing System
Abstract

Typical software developed and used by North Korea is Red Star and internal application software. However, most of the existing research on the North Korean software is the software installation method and general execution screen analysis. One of the ways to identify software vulnerabilities is file fuzzing, which is a typical method for identifying security vulnerabilities. In this paper, we use file fuzzing to analyze the security vulnerability of the software used in North Korea's Seogwang Document Processing System. At this time, we propose the analysis of open document text (ODT) file produced by Seogwang Document Processing System, extraction of node based on Document Object Mode (DOM) to determine test target, and generation of mutation file through insertion and substitution, this increases the number of crash detections at the same testing time.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
C. Park and D. Kang, "A DOM-Based Fuzzing Method for Analyzing Seogwang Document Processing System in North Korea," KIPS Transactions on Computer and Communication Systems, vol. 8, no. 5, pp. 119-126, 2019. DOI: https://doi.org/10.3745/KTCCS.2019.8.5.119.

[ACM Style]
Chanju Park and Dongsu Kang. 2019. A DOM-Based Fuzzing Method for Analyzing Seogwang Document Processing System in North Korea. KIPS Transactions on Computer and Communication Systems, 8, 5, (2019), 119-126. DOI: https://doi.org/10.3745/KTCCS.2019.8.5.119.