Security test generation using threat trees

Marback, Aaron; Do, Hyunsook; He, Ke; Kondamarri, Samuel; Xu, Dianxiang

doi:10.1109/iwast.2009.5069042

Cited by 26 publications

(29 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…3) Test Execution: Having assigned all input values to the parameters in the test paths, we implemented a test execution engine based on our existing tool that creates automated tests from Threat Models [24] Threat Models are a way for software designers to define and describe possible threats to the security of a software system [25]. The testing engine parses the input values file and enters data into the web application using a framework, written in the Perl programming language that uses the LWP and WWW:Mechanize libraries to simulate user interaction.…”

Section: ) Path Generationmentioning

confidence: 99%

An Effective Regression Testing Approach for PHP Web Applications

Marback

Ehresmann

2012

2012 IEEE Fifth International Conference on Software Testing, Verification and Validation

Self Cite

View full text Add to dashboard Cite

Abstract-Web applications change and are upgraded frequently due to security attacks, feature updates, or user preference changes. These fixes often involve small patches or revisions, but still, testers need to perform regression testing on their products to ensure that the changes have not introduced new faults. Applying regression testing to the entire product, however, can be very expensive, and often, companies cannot afford to do this because, typically, the turnaround time to release patches is expected to be short. One solution is focusing only on the areas of code that have been changed and performing regression testing on them. In this way, companies can provide quick patches more dependably whenever they encounter security breaches. In this paper, we propose a new regression testing approach that is applied to frequently patched web applications, considering security problems, and in particular, focusing on PHP programs. Our approach identifies the affected areas by code changes using impact analysis and generates new test cases for the impacted areas by changes using program slices considering both numeric and string input values. To facilitate our approach, we implemented a PHP Analysis and Regression Testing Engine (PARTE) and performed a controlled experiment using open source web applications. The results show that our approach is effective in reducing the cost of regression testing for frequently patched web applications.

show abstract

Section: ) Path Generationmentioning

confidence: 99%

An Effective Regression Testing Approach for PHP Web Applications

Marback

Ehresmann

2012

2012 IEEE Fifth International Conference on Software Testing, Verification and Validation

Self Cite

View full text Add to dashboard Cite

show abstract

“…As a major means for assuring software security, various security testing techniques have been developed for detecting software vulnerabilities in the past. For example, we have developed techniques for automatically generating security tests from threat models, represented by threat trees [2], threat nets [3], and UML sequence diagrams [4]. However, benchmarks are in great demands for empirically measuring the vulnerability detection capabilities of these techniques.…”

Section: Introductionmentioning

confidence: 99%

Mutation Analysis of Magento for Evaluating Threat Model-Based Security Testing

Thomas

2011

2011 IEEE 35th Annual Computer Software and Applications Conference Workshops

Self Cite

View full text Add to dashboard Cite

Security testing is a major means for assuring software security and many security testing techniques have been developed in the past. Benchmarks, however, are in great demands for empirically evaluating the vulnerability detection capabilities of these techniques. To develop such a benchmark, this paper presents an approach to security mutation analysis of Magento, a fully-fledged open source e-commerce web application for evaluating automated security testing techniques. We create security mutants by injecting vulnerabilities in a systematic way. Specifically, we consider the causes of vulnerabilities according to OWASP's top 10 web application security risks, the application's business logic, as well as various consequences of vulnerabilities (i.e., STRIDE attacks). We have created 63 mutants and applied them successfully to the evaluation of two security testing techniques that use threat trees and threat nets as threat models for test generation. Our experiments show that these testing methods can kill most of the mutants but cannot detect the vulnerabilities that are not captured by the threat models.

show abstract