Robustness Testing of CoAP Server-side Implementations through Black-box Fuzzing Techniques

Abstract

This paper presents the current status of our research on the robustness of CoAP server-side implementations. We discuss the importance of the CoAP protocol as an enabler of the Internet of Things (IoT) vision, and also the current state of CoAP implementations available out there. Then, we proceed to test those implementations using fuzzing techniques previously used in the literature in areas such as Web Service and Network Protocol security testing, namely Random, Mutational and Generational Fuzzing, both "dumb" and "smart". Finally, we provide preliminary results and analysis regarding i) how robust the CoAP implementations studied are and ii) how the different fuzzing techniques used compare to each other.