Title: Research on fuzzy security testing of document format based on formal method

Authors: Shuang Ren; Honghui Li; Fangnan Yang; Ying Xing

Addresses: School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China; Engineering Research Center of Network Management Technology for High Speed Railway of MOE, Beijing 100044, China ' School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China; Engineering Research Center of Network Management Technology for High Speed Railway of MOE, Beijing 100044, China ' School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China; Engineering Research Center of Network Management Technology for High Speed Railway of MOE, Beijing 100044, China ' Automation School, Beijing University of Posts and Telecommunications, Beijing 100876, China

Abstract: In this paper, the formal method is applied to the fuzzy testing of document format to meet the requirement of corresponding security testing. The general format Uniform Office Format (UOF) of Chinese office software is taken as an example. This paper studies the description of the structure, characteristics and interdependence of the document format by Z language, and proposes a method used for formal document format feature extraction and fuzzy testing case generation. Further, this paper presents a design scheme of FileFTester, a document format security testing tool, which can not only automatically generate test cases, but also adapt to various office document format security testing. The tool is universal and scalable.

Keywords: document format; fuzzy testing; test case generation; Z language; formal method.

DOI: 10.1504/IJIMS.2018.095251

International Journal of Internet Manufacturing and Services, 2018 Vol.5 No.4, pp.391 - 404

Received: 11 Sep 2017
Accepted: 23 Dec 2017
Published online: 02 Oct 2018 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article