Projects per year
Abstract
Mutation analysis forms a popular software analysis technique that has been demonstrated to be useful in supporting multiple software engineering activities. Yet, the use of mutation analysis in tackling security issues has received little attention. In view of this, we design security aware mutation operators to support mutation analysis. Using a known set of common security vulnerability patterns, we introduce 15 security-aware mutation operators for Java. We then implement them in the PIT mutation engine and evaluate them. Our preliminary results demonstrate that standard PIT operators are unlikely to introduce vulnerabilities similar to ours. We also show that our security-aware mutation operators are indeed applicable and prevalent on open source projects, providing evidence that mutation analysis can support security testing activities.
Original language | English |
---|---|
Title of host publication | Proceedings - 10th IEEE International Conference on Software Testing, Verification and Validation Workshops, ICSTW 2017 |
Subtitle of host publication | Mutation 2017 |
Publisher | IEEE |
Pages | 97-102 |
Number of pages | 6 |
ISBN (Electronic) | 9781509066766 |
DOIs | |
Publication status | Published - 13 Mar 2017 |
Event | 12th International Workshop on Mutation Analysis (Mutation 2017) - Tokyo, Japan Duration: 13 Mar 2017 → 13 Mar 2017 Conference number: 12 https://sites.google.com/site/mutation2017/ |
Publication series
Name | Proceedings - 10th IEEE International Conference on Software Testing, Verification and Validation Workshops, ICSTW 2017 |
---|
Scientific committee
Scientific committee | 12th International Workshop on Mutation Analysis (Mutation 2017) |
---|---|
Abbreviated title | Mutation 2017 |
Country/Territory | Japan |
City | Tokyo |
Period | 13/03/17 → 13/03/17 |
Internet address |
Keywords
- mutation analysis
- mutation operators
- security testing
- PIT
- FindBugs
- Security Testing
- Mutation operators
- Mutation analysis
Fingerprint
Dive into the research topics of 'Towards Security-aware Mutation Testing'. Together they form a unique fingerprint.Projects
- 1 Finished
-
Thesis-X-Devroey: Behavioural Model Based Testing of Software Product Lines
Devroey, X., Heymans, P., Schobbens, P. Y. & Perrouin, G.
1/09/11 → 30/08/17
Project: PHD