Towards Security-aware Mutation Testing

Thomas Loise, Xavier Devroey, Gilles Perrouin, Mike Papadakis, Patrick Heymans

Résultats de recherche: Contribution dans un livre/un catalogue/un rapport/dans les actes d'une conférenceArticle dans les actes d'une conférence/un colloque

43 Téléchargements (Pure)

Résumé

Mutation analysis forms a popular software analysis technique that has been demonstrated to be useful in supporting multiple software engineering activities. Yet, the use of mutation analysis in tackling security issues has received little attention. In view of this, we design security aware mutation operators to support mutation analysis. Using a known set of common security vulnerability patterns, we introduce 15 security-aware mutation operators for Java. We then implement them in the PIT mutation engine and evaluate them. Our preliminary results demonstrate that standard PIT operators are unlikely to introduce vulnerabilities similar to ours. We also show that our security-aware mutation operators are indeed applicable and prevalent on open source projects, providing evidence that mutation analysis can support security testing activities.
langue originaleAnglais
titreProceedings - 10th IEEE International Conference on Software Testing, Verification and Validation Workshops, ICSTW 2017
Sous-titreMutation 2017
EditeurIEEE
Pages97-102
Nombre de pages6
ISBN (Electronique)9781509066766
Les DOIs
Etat de la publicationPublié - 13 mars 2017
Evénement12th International Workshop on Mutation Analysis (Mutation 2017) - Tokyo, Japon
Durée: 13 mars 201713 mars 2017
Numéro de conférence: 12
https://sites.google.com/site/mutation2017/

Série de publications

NomICSTW '17
EditeurIEEE

Comité scientifique

Comité scientifique12th International Workshop on Mutation Analysis (Mutation 2017)
Titre abrégéMutation 2017
PaysJapon
La villeTokyo
période13/03/1713/03/17
Adresse Internet

Empreinte digitale Examiner les sujets de recherche de « Towards Security-aware Mutation Testing ». Ensemble, ils forment une empreinte digitale unique.

  • Projets

    Contient cette citation

    Loise, T., Devroey, X., Perrouin, G., Papadakis, M., & Heymans, P. (2017). Towards Security-aware Mutation Testing. Dans Proceedings - 10th IEEE International Conference on Software Testing, Verification and Validation Workshops, ICSTW 2017: Mutation 2017 (p. 97-102). [7899041] (ICSTW '17). IEEE. https://doi.org/10.1109/ICSTW.2017.24