TY - GEN
T1 - Web API Verifier for IoTtalk and Its Applications
AU - Lin, Wen Yu
AU - Shieh, Min Zheng
AU - Lin, Yi-Bing
N1 - Publisher Copyright:
© 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
PY - 2023
Y1 - 2023
N2 - With the vigorous development of Internet of Things (IoT) applications, many IoT applications based on IoTtalk, such as EduTalk, ScratchTalk, and other X-Talk systems, have been created in recent years. Most of these IoT applications are developed using Web application programming interface (API) and thus enable web browsers to transfer data to applications. But in the development stage, unknown errors or unexpected results may occur. It is hard to manually design test cases to detect such flaws efficiently, and automatic testing tools often require much domain knowledge. This work combines Fuzzing technology to develop a graphical user interface (GUI) test system, Web API Verifier (WAV), for IoTtalk and X-Talk developers to automatically test their applications easily. WAV integrates Swagger Editor and RESTler-fuzzer. According to the uploaded source codes, it generates the corresponding drafts of OpenAPI documents. By filling the several fields in WAV GUI, developers can quickly describe the Web API specification of their applications and build the settings required for the RESTler-fuzzer test. After the test, WAV provides a GUI displaying the file location and row number for each buggy function. With WAV, users can write API documents and test their IoT applications conveniently.
AB - With the vigorous development of Internet of Things (IoT) applications, many IoT applications based on IoTtalk, such as EduTalk, ScratchTalk, and other X-Talk systems, have been created in recent years. Most of these IoT applications are developed using Web application programming interface (API) and thus enable web browsers to transfer data to applications. But in the development stage, unknown errors or unexpected results may occur. It is hard to manually design test cases to detect such flaws efficiently, and automatic testing tools often require much domain knowledge. This work combines Fuzzing technology to develop a graphical user interface (GUI) test system, Web API Verifier (WAV), for IoTtalk and X-Talk developers to automatically test their applications easily. WAV integrates Swagger Editor and RESTler-fuzzer. According to the uploaded source codes, it generates the corresponding drafts of OpenAPI documents. By filling the several fields in WAV GUI, developers can quickly describe the Web API specification of their applications and build the settings required for the RESTler-fuzzer test. After the test, WAV provides a GUI displaying the file location and row number for each buggy function. With WAV, users can write API documents and test their IoT applications conveniently.
KW - Fuzz Testing
KW - Internet of Things
KW - IoTtalk
UR - http://www.scopus.com/inward/record.url?scp=85172216977&partnerID=8YFLogxK
U2 - 10.1007/978-981-99-4430-9_24
DO - 10.1007/978-981-99-4430-9_24
M3 - Conference contribution
AN - SCOPUS:85172216977
SN - 9789819944293
T3 - Communications in Computer and Information Science
SP - 323
EP - 337
BT - Mobile Internet Security - 6th International Symposium, MobiSec 2022, Revised Selected Papers
A2 - You, Ilsun
A2 - Kim, Hwankuk
A2 - Angin, Pelin
PB - Springer Science and Business Media Deutschland GmbH
T2 - Proceedings of the 6th International Symposium on Mobile Internet Security, MobiSec 2022
Y2 - 15 December 2022 through 17 December 2022
ER -