• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Security and Communications Networks >An approach of security testing for third-party component based on state mutation
【24h】

An approach of security testing for third-party component based on state mutation

机译:基于状态突变的第三方组件安全测试方法

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

It is essential to study an effective approach of security testing for third-party component. In this paper, to effectively trigger implicit vulnerabilities of third-party components, an approach of security testing for third-party component is proposed based on state mutation. To start with, executable method sequences of components are transformed into extended finite state machine. Then, according to characteristics of condition conflict and behavior conflict, two test case generation algorithms are addressed, that is, Operations Conflict Sequences Generation Algorithm and Conditions Conflict Sequences Generation Algorithm, which are designed to generate inaccessible sequences of behavior and condition conflicts. These conflict sequences are run. Furthermore, the security detecting algorithms are addressed to detect implicit vulnerabilities of third-party components, and then, testing report of component security is obtained. In the end, some experiments are conducted on the basis of the proposed approach, and the experimental results show that the proposed approach can effectively detect security exceptions of third-party components. Copyright (c) 2015 John Wiley & Sons, Ltd.
机译:必须研究一种有效的第三方组件安全测试方法。为了有效触发第三方组件的隐式漏洞,提出了一种基于状态变异的第三方组件安全测试方法。首先,将组件的可执行方法序列转换为扩展的有限状态机。然后,根据条件冲突和行为冲突的特点,提出了两种测试用例生成算法,即操作冲突序列生成算法和条件冲突序列生成算法,旨在生成行为和条件冲突无法访问的序列。运行这些冲突序列。此外,针对安全性检测算法,对第三方组件的隐式漏洞进行检测,进而获得组件安全性的测试报告。最后,在该方法的基础上进行了一些实验,实验结果表明,该方法可以有效地检测出第三方组件的安全异常。版权所有(c)2015 John Wiley&Sons,Ltd.

著录项

  • 来源
    《Security and Communications Networks》 |2016年第15期|2827-2842|共16页
  • 作者

    Chen Jinfu; Chen Jiamei; Huang Rubing; Guo Yuchi; Zhan Yongzhao;

  • 作者单位

    Jiangsu Univ, Sch Comp Sci & Telecommun Engn, Zhenjiang 212013, Peoples R China|Swinburne Univ Technol, Fac Informat & Commun Technol, Hawthorn, Vic 3122, Australia;

    Jiangsu Univ, Sch Comp Sci & Telecommun Engn, Zhenjiang 212013, Peoples R China;

    Jiangsu Univ, Sch Comp Sci & Telecommun Engn, Zhenjiang 212013, Peoples R China|Huazhong Univ Sci & Technol, Sch Comp Sci & Technol, Wuhan 430074, Peoples R China;

    Jiangsu Univ, Sch Comp Sci & Telecommun Engn, Zhenjiang 212013, Peoples R China;

    Jiangsu Univ, Sch Comp Sci & Telecommun Engn, Zhenjiang 212013, Peoples R China;

  • 收录信息
  • 原文格式 PDF
  • 正文语种 eng
  • 中图分类
  • 关键词

    third-party component; security testing; method sequence; extended finite state machine; state mutation;

    机译:第三方组件;安全测试;方法序列;扩展有限状态机;状态突变;

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号