research-article

HTML and PDF fuzzing methodology in iOS

Authors:

Je-Gyeong Jo,

Jae-cheol RyouAuthors Info & Claims

IMCOM '16: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication

Article No.: 8, Pages 1 - 5

https://doi.org/10.1145/2857546.2857555

Published: 04 January 2016 Publication History

Get Access

Abstract

iOS is well-known operating system which is strong in security. However, many attacking methods of iOS have recently been published which are called "Masque Attack", "Null Dereference" and "Italy Hacking Team's RCS". Therefore, security and safety is not suitable word to iOS. In addition, many security researchers have a problem to analyze iOS because the iOS is difficult to debug because of closed source. So, we propose a new security testing method for iOS. At first, we perform to fuzz iOS's web browser called MobileSafari. The MobileSafari is possible to express HTML, PDF and mp4, etc. We perform test abnormal HTML and PDF using our fuzzing method. We hope that our research can be helpful to iOS's security and safety.

References

[1]

Collin Mulliner, Charlie Miller. 2009. Fuzzing the Phone in your Phone, Black Hat USA 2009

Google Scholar

[2]

Chen Xiaobo, Xu Hao, 2012. Find Your Own iOS Kernel Bug, Power of Community 2012

Google Scholar

[3]

Nam Daehyeon, 2014, Making iOS MobileSafari Fuzzer and Fuzzing, CodeEngn Conference 11

Google Scholar

[4]

Je-gyeong Jo, Jae-cheol Ryou, 2015, Method of Fuzzing Document Application Based on Android Devices, Vol 25, Feb. 2015, 31-37, Journal of The Korea Institute of Information Security & Cryptology

Google Scholar

[5]

maintained by Martin Szulecki, Libimobiledevice, http://www.libimobiledevice.org/

Google Scholar

[6]

Fuzz Testing, https://en.wikipedia.org/wiki/Fuzz_testing

Google Scholar

[7]

Header Field Definitions, http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html

Google Scholar

[8]

Isa56, OpenJailbreak, fuzzyDuck & iOS fuzzing, Nov. 2013, http://www.isa56k.com/2013/11/openjailbreak-fuzzyduck-ios-fuzzing.html

Google Scholar

Index Terms

HTML and PDF fuzzing methodology in iOS
1. Security and privacy
  1. Systems security
    1. Operating systems security

Recommendations

Cross-Compiling Android Applications to iOS and Windows Phone 7

Android is currently leading the smartphone segment in terms of market share since its introduction in 2007. Android applications are written in Java using an API designed for mobile apps. Other smartphone platforms, such as Apple's iOS or Microsoft's ...
Code smells in iOS apps: how do they compare to Android?
MOBILESoft '17: Proceedings of the 4th International Conference on Mobile Software Engineering and Systems

With billions of app downloads, the Apple App Store and Google Play Store succeeded to conquer mobile devices. However, this success also challenges app developers to publish high-quality apps to keep attracting and satisfying end-users. In particular, ...
Binary compatible graphics support in Android for running iOS apps
Middleware '17: Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference

Mobile apps make extensive use of GPUs on smartphones and tablets to access Web content. To support pervasive Web content, we introduce three key OS techniques for binary graphics compatibility necessary to build a real-world system to run iOS and ...

Comments

Information & Contributors

Information

Published In

IMCOM '16: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication

January 2016

658 pages

ISBN:9781450341424

DOI:10.1145/2857546

© 2016 Association for Computing Machinery. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 January 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

National Research Foundation of Korea

Conference

IMCOM '16

Sponsor:

SIGAPP
SKKU

IMCOM '16: The 10th International Conference on Ubiquitous Information Management and Communication

January 4 - 6, 2016

Danang, Viet Nam

Acceptance Rates

Overall Acceptance Rate 213 of 621 submissions, 34%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

0
Total Citations
221
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)0

Reflects downloads up to 28 Feb 2025

Other Metrics

View Author Metrics

Citations

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Index Terms

Recommendations

Cross-Compiling Android Applications to iOS and Windows Phone 7

Code smells in iOS apps: how do they compare to Android?

Binary compatible graphics support in Android for running iOS apps

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations