References

- Software unit test coverage and adequacy. ACM Computing Surveys (CSUR).
- Web application security assessment by fault injection and behavior monitoring. WWW '03: Proceedings of the 12th International Conference on World Wide Web.
- A family of test adequacy criteria for database-driven applications. Proceedings of the 9th European Software Engineering Conference held jointly with the 11th ACM SIGSOFT International Symposium on Foundations of Software Engineering.
- Character String Predicate Based Automatic Software Test Data Generation. QSIC '03: Proceedings of the Third International Conference on Quality Software.
- Using an SQL coverage measurement for testing database applications. Proceedings of the 12th ACM SIGSOFT Twelfth International Symposium on Foundations of Software Engineering.
- Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper). SP '06: Proceedings of the 2006 IEEE Symposium on Security and Privacy.
- Command-Form Coverage for Testing Database Applications. ASE '06: Proceedings of the 21st IEEE/ACM International Conference on Automated Software Engineering.
- Finding security vulnerabilities in Java applications with static analysis. SSYM'05: Proceedings of the 14th Conference on USENIX Security Symposium, Volume 14.
- Proposing SQL statement coverage metrics. Proceedings of the Fourth International Workshop on Software Engineering for Secure Systems.
- Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications. SP '08: Proceedings of the 2008 IEEE Symposium on Security and Privacy.
- Idea: Automatic Security Testing for Web Applications. ESSoS '09: Proceedings of the 1st International Symposium on Engineering Secure Software and Systems.
- Automatic creation of SQL Injection and cross-site scripting attacks. ICSE '09: Proceedings of the 31st International Conference on Software Engineering.
Abstract

In security testing of web applications, the choice of coverage criteria for evaluating the adequacy of test cases rests on a trade-off between test cost and vulnerability detection effectiveness. Coverage criteria from traditional software testing, such as branch coverage and statement coverage, are commonly applied, but they were not originally defined for security testing purposes. In this paper, we present an overview of the limitations of those common coverage criteria and propose wrapper coverage, vulnerability-aware sink coverage and vulnerability-aware wrapper coverage as alternatives that are more appropriate for security testing. We conduct a security testing experiment on real-world web applications to evaluate the usefulness of these proposed coverage criteria and discuss how they can be used.