TY - GEN
T1 - Fuzz Test Case Generation for Penetration Testing in Mobile Cloud Computing Applications
AU - Al-Ahmad, Ahmad Salah
AU - Kahtan, Hasan
N1 - Publisher Copyright:
© 2019, Springer Nature Switzerland AG.
PY - 2018/9/28
Y1 - 2018/9/28
N2 - Security testing for applications is a critical practice used to protect data and users. Penetration testing is particularly important, and test case generation is one of its critical phases. In test case generation, the testers need to ensure that as many execution paths as possible are covered by using a set of test cases. Multiple models and techniques have been proposed to generate test cases for software penetration testing. These techniques include fuzz test case generation, which has been implemented in multiple forms. This work critically reviews different models and techniques used for fuzz test case generation and identifies strengths and limitations associated with each implementation and proposal. Reviewing results showed that previous test case generation methods disregard offloading parameters when generating test case sets. This paper proposes a test case generation technique that uses offloading as a generation parameter to overcome the lack of such techniques in previous studies. The proposed technique improves the coverage path on applications that use offloading, thereby improving the effectiveness and efficiency of penetration testing.
AB - Security testing for applications is a critical practice used to protect data and users. Penetration testing is particularly important, and test case generation is one of its critical phases. In test case generation, the testers need to ensure that as many execution paths as possible are covered by using a set of test cases. Multiple models and techniques have been proposed to generate test cases for software penetration testing. These techniques include fuzz test case generation, which has been implemented in multiple forms. This work critically reviews different models and techniques used for fuzz test case generation and identifies strengths and limitations associated with each implementation and proposal. Reviewing results showed that previous test case generation methods disregard offloading parameters when generating test case sets. This paper proposes a test case generation technique that uses offloading as a generation parameter to overcome the lack of such techniques in previous studies. The proposed technique improves the coverage path on applications that use offloading, thereby improving the effectiveness and efficiency of penetration testing.
KW - Penetration testing
KW - Security testing
KW - Software testing
KW - Test case generation
UR - http://www.scopus.com/inward/record.url?scp=85054767882&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-00979-3_27
DO - 10.1007/978-3-030-00979-3_27
M3 - Conference contribution
AN - SCOPUS:85054767882
SN - 9783030009786
T3 - Advances in Intelligent Systems and Computing
SP - 267
EP - 276
BT - Intelligent Computing and Optimization
A2 - Vasant, Pandian
A2 - Weber, Gerhard-Wilhelm
A2 - Zelinka, Ivan
PB - Springer Verlag
T2 - International Conference on Intelligent Computing and Optimization, ICO 2018
Y2 - 4 October 2018 through 5 October 2018
ER -