Fuzz Test Case Generation for Penetration Testing in Mobile Cloud Computing Applications

Ahmad Salah Al-Ahmad, Hasan Kahtan*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Citations (Scopus)

Abstract

Security testing for applications is a critical practice used to protect data and users. Penetration testing is particularly important, and test case generation is one of its critical phases. In test case generation, the testers need to ensure that as many execution paths as possible are covered by using a set of test cases. Multiple models and techniques have been proposed to generate test cases for software penetration testing. These techniques include fuzz test case generation, which has been implemented in multiple forms. This work critically reviews different models and techniques used for fuzz test case generation and identifies strengths and limitations associated with each implementation and proposal. Reviewing results showed that previous test case generation methods disregard offloading parameters when generating test case sets. This paper proposes a test case generation technique that uses offloading as a generation parameter to overcome the lack of such techniques in previous studies. The proposed technique improves the coverage path on applications that use offloading, thereby improving the effectiveness and efficiency of penetration testing.

Original languageEnglish
Title of host publicationIntelligent Computing and Optimization
EditorsPandian Vasant, Gerhard-Wilhelm Weber, Ivan Zelinka
PublisherSpringer Verlag
Pages267-276
Number of pages10
ISBN (Print)9783030009786
DOIs
Publication statusPublished - 28 Sept 2018
Externally publishedYes
EventInternational Conference on Intelligent Computing and Optimization, ICO 2018 - Pattaya, Thailand
Duration: 4 Oct 20185 Oct 2018

Publication series

NameAdvances in Intelligent Systems and Computing
Volume866
ISSN (Print)2194-5357

Conference

ConferenceInternational Conference on Intelligent Computing and Optimization, ICO 2018
Country/TerritoryThailand
CityPattaya
Period4/10/185/10/18

Keywords

  • Penetration testing
  • Security testing
  • Software testing
  • Test case generation

Cite this