Software testing techniques (2nd ed.)
Software testing techniques (2nd ed.)
Elements of network protocol design
Elements of network protocol design
ASN.1: communication between heterogeneous systems
ASN.1: communication between heterogeneous systems
System Security Assessment through Specification Mutations and Fault Injection
Proceedings of the IFIP TC6/TC11 International Conference on Communications and Multimedia Security Issues of the New Century
Using Design Recovery Techniques to Transform Legacy Systems
ICSM '01 Proceedings of the IEEE International Conference on Software Maintenance (ICSM'01)
Integrated TCP/IP Protocol Software Testing for Vulnerability Detection
ICCNMC '03 Proceedings of the 2003 International Conference on Computer Networks and Mobile Computing
An empirical study of the robustness of MacOS applications using random testing
Proceedings of the 1st international workshop on Random testing
Packet decoding using context sensitive parsing
CASCON '06 Proceedings of the 2006 conference of the Center for Advanced Studies on Collaborative research
A lightweight approach to state based security testing
CASCON '06 Proceedings of the 2006 conference of the Center for Advanced Studies on Collaborative research
An empirical study of the robustness of MacOS applications using random testing
ACM SIGOPS Operating Systems Review
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
An empirical evaluation of a language-based security testing technique
CASCON '09 Proceedings of the 2009 Conference of the Center for Advanced Studies on Collaborative Research
Network protocol discovery and analysis via live interaction
EvoApplications'12 Proceedings of the 2012t European conference on Applications of Evolutionary Computation
SETER: Towards Architecture-Model Based Security Engineering
International Journal of Secure Software Engineering
Hi-index | 0.01 |
Security of network applications has become increasingly important in the past several years. Syntax-based testing is a black box, data driven testing technique, for applications for which input can be described formally. SCL is a component of Protocol Tester, a project at RMC and Queen's, that uses syntax-based testing to evaluate the security of network applications. As a language, SCL can describe the syntax and the semantic constraints of a given protocol, constraints that pertain to the testing of network application security. This paper describes how SCL captures the input syntax of a network application including both syntax and semantic constraints. Standard reverse engineering and program comprehension techniques are used to extract a detailed model from the description. This model can be used to automate the selection and generation of test cases in Protocol Tester.