1 |
Sangsu Kim and Dongsu Kang, "Fuzzing-based test case generation technique for multimedia file vulnerability analysis," Journal of Security Engineering, Vol.14, No.6, pp.441-458, 2017.
DOI
|
2 |
Sunghwan Ahn, "A novel fuzzing approach for discovering potential vulnerabilities in Hangul Word Processor," Thesis, Sungkyunkwan University, Seoul, Korea, 2014.
|
3 |
CVE Details, Vulnerability Details : CVE-2012-2665 [Internet], https://www.cvedetails.com/cve/CVE-2012-2665.
|
4 |
CISCO, Multiple Products XML Manifest Encryption Handling Arbitrary Code Execution Vulnerability [Internet], https://tools.cisco.com/security/center/viewAlert.x?alertId=26540.
|
5 |
Jongseon Kim and Lee Choongeun, "Analysis and cooperation of North Korea's IT technology in uniform preparation," Science and Technology Policy Institute, 2014.
|
6 |
Ministry of National Defense, "2016 Defense white paper," pp.20-25, 2016.
|
7 |
Guyeon Jeong and Gitae Lee, "Science technology development and new threats from North Korea : Cyber threat and UAV Penetration," KINU Research Series 16-04, pp.69-72, 2016.
|
8 |
Kihun Park and Dongsu Kang, "A security vulnerability analysis of North Korea OS Red Star," in Proceedings of Korea Software Congress, pp.146-148, 2017.
|
9 |
P. Oehlert, "Violating assumptions with fuzzing," in Proc. the IEEE Security & Privacy(S&P), Vol.3, No.2, pp.58-62, 2005.
|
10 |
Byungjoon Jung, Jaehyeok Han, and Sangjin Lee, "A method of recovery for damaged ZIP files," Journal of The Korea Institute of Information Security & Crypto logy, Vol.27, No.5, pp.1099-1106, 2017.
|
11 |
Chanju Park and Dongsu Kang, "Analysis of file structure about Red Star's SeoKwang Document Processing System for security vulnerability analysis," in Proceedings of the Korea Information Processing Society, Vol.25, No.1, pp.110-112, 2018.
|
12 |
G. Wang, "Improving data transmission in web applications via the translation between xml and json," Communications and Mobile Computing(CMC) 2011 Third International Conference, pp.182-185, 2011.
|
13 |
R.shirey, "RFC 2828-Internet Security Glossary," 2007.
|
14 |
Sangsu Kim and Dongsu Kang, "Software Vulnerability Analysis using File Fuzzing," in Proceedings of the Korean Society of Computer Information Conference, Vol.25, No.2, pp.29-32, 2017.
|
15 |
Michael Sutton, "FUZZING: Brute Force Vulnerability Discovery," United States of America: Addison-Wesley, 2007.
|
16 |
ISO/IEC 26300:2006 Information technology - Open Document Format for Office Applications [Internet], https://www.iso.org/standard/43485.html.
|
17 |
Jaeseo Lee, Jongmyung Kim, Suyong Kim, Youngtae Yun, Yongmin Kim and Bongnam Noh, "A length-based file fuzzing test suite reduction algorithm for evaluation of software vulnerability," Journal of the Korea Institute of Information Security & Cryptology, Vol.23, No.2, pp.231-242, 2013.
DOI
|
18 |
Colleen Lewis, Barret Rhoden and Cynthia Sturton, "Using structured random data to precisely fuzz media players," Project Report, 2007.
|
19 |
Hanyang University, "Study on systematic approach for finding vulnerabilities in multimedia data and players for Microsoft Windows systems," KISA, 2009.
|