Distinguishing tests for nondeterministic and probabilistic machines
STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
A Test Generation Strategy for Pairwise Testing
IEEE Transactions on Software Engineering
In-Parameter-Order: A Test Generation Strategy for Pairwise Testing
HASE '98 The 3rd IEEE International Symposium on High-Assurance Systems Engineering
Fault-oriented Software Robustness Assessment for Multicast Protocols
NCA '03 Proceedings of the Second IEEE International Symposium on Network Computing and Applications
Integrated TCP/IP Protocol Software Testing for Vulnerability Detection
ICCNMC '03 Proceedings of the 2003 International Conference on Computer Networks and Mobile Computing
ASPIRE: Automated Systematic Protocol Implementation Robustness Evaluation
ASWEC '04 Proceedings of the 2004 Australian Software Engineering Conference
Using Attack Injection to Discover New Vulnerabilities
DSN '06 Proceedings of the International Conference on Dependable Systems and Networks
A framework and a tool for robustness testing of communicating software
Proceedings of the 2007 ACM symposium on Applied computing
Mutation Testing of Protocol Messages Based on Extended TTCN-3
AINA '08 Proceedings of the 22nd International Conference on Advanced Information Networking and Applications
SNOOZE: toward a stateful network protocol fuzZEr
ISC'06 Proceedings of the 9th international conference on Information Security
A model-based approach for robustness testing
TestCom'05 Proceedings of the 17th IFIP TC6/WG 6.1 international conference on Testing of Communicating Systems
A systematic review of software robustness
Information and Software Technology
Hi-index | 0.00 |
Robustness testing of network protocol aims to detect vulnerabilities of protocol specifications and implementations under critical conditions. However, related theory is not well developed and prevalent test practices have deficiencies. This paper builds a novel NPEFSM model containing sufficient inputs and their processing rules to formalize complex protocol. Based on this model, Normal-Verification Sequence is proposed to enhance verdict mechanism. We adopt various strategies to generate anomalous values for some fields of messages and further apply pairwise combination to systematically mutate messages. We propose compound anomalous test case to simplify test sequences and give its generation algorithm. Standard test specification language TTCN-3 is extended to describe compound anomalous test cases. As a case study, we test OSPFv2 sufficiently with a test system based on extended TTCN-3. Our method and test system can effectively discover vulnerabilities of protocol implementations as well as their inconsistencies with specifications.