Fuzz test case generation for penetration testing in mobile cloud computing applications

Security testing for applications is a critical practice used to protect data and users. Penetration testing is particularly important, and test case generation is one of its critical phases. In test case generation, the testers need to ensure that as many execution paths as possible are covered by...

Full description

Saved in:
Bibliographic Details
Main Authors: Al-Ahmad, Ahmad Salah, Kahtan, Hasan
Format: Conference or Workshop Item
Language:English
Published: Springer Nature Switzerland 2018
Subjects:
Online Access:http://umpir.ump.edu.my/id/eprint/24089/2/19.1%20Fuzz%20Test%20Case%20Generation%20for%20Penetration%20Testing%20in%20Mobile%20Cloud.pdf
http://umpir.ump.edu.my/id/eprint/24089/
https://doi.org/10.1007/978-3-030-00979-3_27
https://doi.org/10.1007/978-3-030-00979-3_27
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.ump.umpir.24089
record_format eprints
spelling my.ump.umpir.240892020-03-04T07:44:10Z http://umpir.ump.edu.my/id/eprint/24089/ Fuzz test case generation for penetration testing in mobile cloud computing applications Al-Ahmad, Ahmad Salah Kahtan, Hasan QA76 Computer software Security testing for applications is a critical practice used to protect data and users. Penetration testing is particularly important, and test case generation is one of its critical phases. In test case generation, the testers need to ensure that as many execution paths as possible are covered by using a set of test cases. Multiple models and techniques have been proposed to generate test cases for software penetration testing. These techniques include fuzz test case generation, which has been implemented in multiple forms. This work critically reviews different models and techniques used for fuzz test case generation and identifies strengths and limitations associated with each implementation and proposal. Reviewing results showed that previous test case generation methods disregard offloading parameters when generating test case sets. This paper proposes a test case generation technique that uses offloading as a generation parameter to overcome the lack of such techniques in previous studies. The proposed technique improves the coverage path on applications that use offloading, thereby improving the effectiveness and efficiency of penetration testing. Springer Nature Switzerland 2018-09 Conference or Workshop Item PeerReviewed pdf en http://umpir.ump.edu.my/id/eprint/24089/2/19.1%20Fuzz%20Test%20Case%20Generation%20for%20Penetration%20Testing%20in%20Mobile%20Cloud.pdf Al-Ahmad, Ahmad Salah and Kahtan, Hasan (2018) Fuzz test case generation for penetration testing in mobile cloud computing applications. In: Intelligent Computing & Optimization. International Conference on Intelligent Computing & Optimization: ICO 2018, 4-5 October 2018 , Pattaya, Thailand. pp. 267-276., 866. ISBN 978-3-030-00979-3 https://doi.org/10.1007/978-3-030-00979-3_27 https://doi.org/10.1007/978-3-030-00979-3_27
institution Universiti Malaysia Pahang
building UMP Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Malaysia Pahang
content_source UMP Institutional Repository
url_provider http://umpir.ump.edu.my/
language English
topic QA76 Computer software
spellingShingle QA76 Computer software
Al-Ahmad, Ahmad Salah
Kahtan, Hasan
Fuzz test case generation for penetration testing in mobile cloud computing applications
description Security testing for applications is a critical practice used to protect data and users. Penetration testing is particularly important, and test case generation is one of its critical phases. In test case generation, the testers need to ensure that as many execution paths as possible are covered by using a set of test cases. Multiple models and techniques have been proposed to generate test cases for software penetration testing. These techniques include fuzz test case generation, which has been implemented in multiple forms. This work critically reviews different models and techniques used for fuzz test case generation and identifies strengths and limitations associated with each implementation and proposal. Reviewing results showed that previous test case generation methods disregard offloading parameters when generating test case sets. This paper proposes a test case generation technique that uses offloading as a generation parameter to overcome the lack of such techniques in previous studies. The proposed technique improves the coverage path on applications that use offloading, thereby improving the effectiveness and efficiency of penetration testing.
format Conference or Workshop Item
author Al-Ahmad, Ahmad Salah
Kahtan, Hasan
author_facet Al-Ahmad, Ahmad Salah
Kahtan, Hasan
author_sort Al-Ahmad, Ahmad Salah
title Fuzz test case generation for penetration testing in mobile cloud computing applications
title_short Fuzz test case generation for penetration testing in mobile cloud computing applications
title_full Fuzz test case generation for penetration testing in mobile cloud computing applications
title_fullStr Fuzz test case generation for penetration testing in mobile cloud computing applications
title_full_unstemmed Fuzz test case generation for penetration testing in mobile cloud computing applications
title_sort fuzz test case generation for penetration testing in mobile cloud computing applications
publisher Springer Nature Switzerland
publishDate 2018
url http://umpir.ump.edu.my/id/eprint/24089/2/19.1%20Fuzz%20Test%20Case%20Generation%20for%20Penetration%20Testing%20in%20Mobile%20Cloud.pdf
http://umpir.ump.edu.my/id/eprint/24089/
https://doi.org/10.1007/978-3-030-00979-3_27
https://doi.org/10.1007/978-3-030-00979-3_27
_version_ 1662754712750915584
score 13.160551