Extending WSDL to Facilitate Web Services Testing
HASE '02 Proceedings of the 7th IEEE International Symposium on High Assurance Systems Engineering
Generating test cases for web services using data perturbation
ACM SIGSOFT Software Engineering Notes
Testing Web Services by XML Perturbation
ISSRE '05 Proceedings of the 16th IEEE International Symposium on Software Reliability Engineering
WSDL-Based Automatic Test Case Generation for Web Services Testing
SOSE '05 Proceedings of the IEEE International Workshop
Exploring Perturbation Based Testing for Web Services
ICWS '06 Proceedings of the IEEE International Conference on Web Services
WSDLTest - A Tool for Testing Web Services
WSE '06 Proceedings of the Eighth IEEE International Symposium on Web Site Evolution
Tag-Aware Text File Fuzz Testing for Security of a Software System
ICCIT '07 Proceedings of the 2007 International Conference on Convergence Information Technology
Towards Specification Based Testing for Semantic Web Services
ASWEC '09 Proceedings of the 2009 Australian Software Engineering Conference
Improving data perturbation testing techniques for Web services
Information Sciences: an International Journal
Efficient file fuzz testing using automated analysis of binary file format
Journal of Systems Architecture: the EUROMICRO Journal
Finding Software Vulnerabilities by Smart Fuzzing
ICST '11 Proceedings of the 2011 Fourth IEEE International Conference on Software Testing, Verification and Validation
Software Testing: A Craftsman's Approach
Software Testing: A Craftsman's Approach
Hi-index | 0.00 |
The testing of Web services is an essential aspect of their quality assurance, however, because this testing often involves injecting only one mutant at one time, some vulnerability faults cannot be detected. To address this, the current paper presents a set of mutation operators that can be combined and defines the corresponding combinatorial strategies based on data perturbation and combinatorial testing. Based on this, multiple mutants can be injected at one time to help uncover interactive faults. To improve testing efficiency and effectiveness, a combinatorial testing approach focusing on Web service vulnerability is proposed: Firstly, initial test data are generated with perturbation techniques based on Web Services Description Language documents and Simple Object Access Protocol messages. Then, a combinatorial testing cases generation (CTCG) algorithm is used to generate the final combinatorial test data according to the proposed strategies. Furthermore, for some special Web services in which there is only one parameter or one method in service interface, a fuzzy mutation approach algorithm, as a complementary approach to CTCG, is also proposed. Finally, some testing experiments are conducted to verify the effectiveness of the proposed approaches in an integrated testing platform. The experiments show that proposed approaches are both feasible and effective: They can find more vulnerability faults than the traditional approaches.