Reference : SMRL: A Metamorphic Security Testing Tool for Web Systems
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/43205
SMRL: A Metamorphic Security Testing Tool for Web Systems
English
Mai, Xuan Phu mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Göknil, Arda []
Pastore, Fabrizio mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Briand, Lionel mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
2020
2020 IEEE/ACM 42nd International Conference on Software Engineering
Yes
International Conference on Software Engineering
from 06-07-2020 to 11-07-2020
IEEE/ACM
Seoul
South Korea
[en] Software Engineering ; Software Security ; Metamorphic Testing ; Metamorphic Relations ; Security Testing ; Web Security ; System Testing
[en] We present a metamorphic testing tool that alleviates the oracle problem in security testing. The tool enables engineers to specify metamorphic relations that capture security properties of Web systems. It automatically tests Web systems to detect vulnerabilities based on those relations. We provide a domain-specific language accompanied by an Eclipse editor to facilitate the specification of metamorphic relations. The tool automatically collects the input data and transforms the metamorphic relations into executable Java code in order to automatically perform security testing based on the collected data. The tool has been successfully evaluated on a commercial system and a leading open source system (Jenkins). Demo video: https://youtu.be/9kx6u9LsGxs.
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Software Verification and Validation Lab (SVV Lab)
Researchers ; Professionals ; Students ; General public
http://hdl.handle.net/10993/43205
10.1145/3377812.3382152
H2020 ; 694277 - TUNE - Testing the Untestable: Model Testing of Complex Software-Intensive Systems
FnR ; FNR11213850 > Lionel Briand > EDLAH 2 > Enhanced Daily Living and Health 2 – an incentive basedservice > 01/06/2016 > 30/11/2018 > 2015

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
smrl-icse20-demo.pdfAuthor postprint1.97 MBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.