题名 | A Web services vulnerability testing approach based on combinatorial mutation and SOAP message mutation |
作者 | |
发表日期 | 2014-03-01 |
发表期刊 | Service Oriented Computing and Applications
![]() |
ISSN/eISSN | 1863-2386 |
卷号 | 8期号:1页码:1-13 |
摘要 | The testing of Web services is an essential aspect of their quality assurance, however, because this testing often involves injecting only one mutant at one time, some vulnerability faults cannot be detected. To address this, the current paper presents a set of mutation operators that can be combined and defines the corresponding combinatorial strategies based on data perturbation and combinatorial testing. Based on this, multiple mutants can be injected at one time to help uncover interactive faults. To improve testing efficiency and effectiveness, a combinatorial testing approach focusing on Web service vulnerability is proposed: Firstly, initial test data are generated with perturbation techniques based on Web Services Description Language documents and Simple Object Access Protocol messages. Then, a combinatorial testing cases generation (CTCG) algorithm is used to generate the final combinatorial test data according to the proposed strategies. Furthermore, for some special Web services in which there is only one parameter or one method in service interface, a fuzzy mutation approach algorithm, as a complementary approach to CTCG, is also proposed. Finally, some testing experiments are conducted to verify the effectiveness of the proposed approaches in an integrated testing platform. The experiments show that proposed approaches are both feasible and effective: They can find more vulnerability faults than the traditional approaches. © 2013 Springer-Verlag London. |
关键词 | Combinatorial testing Mutation operator SOAP message mutation Vulnerability testing Web services testing |
DOI | 10.1007/s11761-013-0139-1 |
URL | 查看来源 |
语种 | 英语English |
Scopus入藏号 | 2-s2.0-84894269062 |
引用统计 | |
文献类型 | 期刊论文 |
条目标识符 | https://repository.uic.edu.cn/handle/39GCC9TT/6498 |
专题 | 北师香港浸会大学 |
通讯作者 | Chen,Jinfu |
作者单位 | 1.School of Computer Science and Telecommunication Engineering,Jiangsu University,Zhenjiang, 212013,China 2.School of Software and Communication Engineering,Jiangxi University of Finance and Economics,Nanchang, 330013,China 3.BNU-HKBU: United International College,Zhuhai, 519085 Guangdong,China |
推荐引用方式 GB/T 7714 | Chen,Jinfu,Li,Qing,Mao,Chengyinget al. A Web services vulnerability testing approach based on combinatorial mutation and SOAP message mutation[J]. Service Oriented Computing and Applications, 2014, 8(1): 1-13. |
APA | Chen,Jinfu, Li,Qing, Mao,Chengying, Towey,Dave, Zhan,Yongzhao, & Wang,Huanhuan. (2014). A Web services vulnerability testing approach based on combinatorial mutation and SOAP message mutation. Service Oriented Computing and Applications, 8(1), 1-13. |
MLA | Chen,Jinfu,et al."A Web services vulnerability testing approach based on combinatorial mutation and SOAP message mutation". Service Oriented Computing and Applications 8.1(2014): 1-13. |
条目包含的文件 | 条目无相关文件。 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论