Vulnerabilities in network protocol software have been problematic since Internet infrastructure was deployed. These vulnerabilities damage the reliability of network software and create security holes in computing environment. Many critical security vulnerabilities exist in application network services of which specification or description has not been published. In this paper, we propose a security assessment methodology based on fault injection techniques to improve reliability of the application network services with no specifications published. We also implement a tool for security testing based on the proposed methodology. Windows RPC network services are chosen as an application network service considering its unknown protocol specification and are validated by the methodology. It turns out that the tool detects unknown vulnerabilities in Windows network module. © Springer-Verlag Berlin Heidelberg 2007.
CITATION STYLE
Kang, H., & Lee, D. H. (2007). Security assessment for application network services using fault injection. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4430 LNCS, pp. 172–183). Springer Verlag. https://doi.org/10.1007/978-3-540-71549-8_15
Mendeley helps you to discover research relevant for your work.