Fuzz Testing of a Wireless Residential Gateway

Authors

Keywords:

Security, Testing, Fuzzing

Abstract

The rise of cyber-attacks against the ever-expanding network connectivity has resulted in a need for conducting security assessments in home gateway devices, which serve as junctures between private and public networks. Fuzzing, a method where invalid, random, or unexpected data is injected into a system, has emerged as a potential candidate for such assessments. This study is centered around testing the feasibility of fuzzing against home gateway devices, using an action research methodology focused on evaluation through practical implementation. An important aspect of conducting fuzzing is the implementation of monitoring tools to capture data that causes the target to behave unexpectedly. This study found that both a process monitor and a network monitor are essential for overseeing the fuzzing session. The process monitor tracks the status of the target process, while the network monitor captures network traffic between fuzzer and target. The findings demonstrate that fuzzing is an effective tool for conducting security assessments of home gateway devices.

Downloads

Download data is not yet available.
A viking ship where the sail is a Linear Feedback Shift Register, and the shields are zeros and ones, sailing on a sea that is NISK

Downloads

Published

2024-11-24

How to Cite

[1]
N. . Holmdin and M. G. . Jaatun, “Fuzz Testing of a Wireless Residential Gateway”, NIKT, no. 3, Nov. 2024.

Issue

No. 3 (2024): NISK Norsk informasjonssikkerhets-konferanse

Section

Regular papers

License

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.