SlideShare a Scribd company logo

Metamorphic Testing for Web System Security

Lionel Briand
Lionel Briand

This document summarizes a presentation on metamorphic testing for web system security given by Nazanin Bayati on September 13, 2023. Metamorphic testing uses relations between the outputs of multiple test executions to test systems when specifying expected outputs is difficult. It was applied to web systems by generating follow-up inputs based on transformations of valid interactions and checking that output relations held. The approach detected over 60% of vulnerabilities in tested systems and addressed more vulnerability types than static and dynamic analysis tools. It provides an effective and automated way to test for security issues in web systems.

1 of 27
Download to read offline
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 1 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 Journal First – IEEE Transaction on Software Engineering Presented by: Nazanin Bayati 13 September 2023 University of Ottawa University of Luxembourg Nazanin Bayati University of Ottawa Fabrizio Pastore University of Luxembourg Lionel Briand University of Ottawa University of Luxembourg Arda Goknil SINTEF Digital, Norway Metamorphic Testing for Web System Security
2 Security vulnerabilities are subtle Discovered when testing with many inputs Specifying expected results is infeasible
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 3 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 Metamorphic Testing alleviates the Oracle Problem • Metamorphic Testing (MT) is based on the idea that • it may be simpler to reason about relations between outputs of multiple test executions, called Metamorphic Relations (MRs), than to specify the output of the system for a given input • In MT, system properties are captured as MRs that • specify how to automatically transform an initial set of test inputs (source inputs) into follow-up test inputs • specify the relation between the outputs obtained from source and follow-up inputs • A failure is observed when such relations are violated.
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 4 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 Metamorphic Security Testing • Source input: a sequence of valid interactions with the system {login(Admin), RequestURL(settings_page)} • Follow-up input: generated by altering valid interactions as an attacker would do {login(User1), RequestURL(settings_page)} • Relations: capture properties that hold when the system is not vulnerable if the user in the follow-up input cannot access the URL from her GUI then the output of the source and follow-up inputs should be different
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 5 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi: Metamorphic Security Testing for Web Interfaces Web System Execute the Data Collection Framework Catalog of 76 Metamorphic Relations Select or Specify the Metamorphic Relations Execute the Metamorphic Testing Framework Test results Translate Metamorphic Relations to Java List of Metamorphic Relations Executable Metamorphic Relations in Java Source Inputs 1 2 3 4 Submit form logout Log in logout Log in
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 6 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 7 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 8 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 9 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 10 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 11 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 12 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema Our metamorphic testing algorithm executes each MR multiple times, to ensure that every possible combination of source and follow-up inputs is exercised
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 13 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – Research Questions • RQ1. What testing activities can be automated thanks to oracle automation provided by MST-wi? • RQ2. What vulnerability types can MST-wi detect? • RQ3. What testability guidelines can we define to enable effective test automation with MST-wi? • RQ4. How does MST-wi compare to state-of-the-art SAST and DAST tools? • RQ5. Can we identify patterns for writing MST-wi relations? • RQ6. Is MST-wi effective? • RQ7. Is MST-wi efficient?
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 14 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – What vulnerability types can MST-wi detect? • We investigated the feasibility of implementing MRs that discover the vulnerability types described in the MITRE Common Weakness Enumeration (CWE) database • Considered three subsets: • CWE view for common security architectural tactics • CWE Top 25 most dangerous software errors • OWASP Top 10 Web security risks • To implement an MR, for each weakness, we first inspect its description, its demonstrative examples, the description of concrete vulnerabilities (CVE) and common attack patterns (CAPEC) associated with the weakness. • This process led to a catalog of 76 MRs.
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 15 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – What vulnerability types can MST-wi detect? Security Design Principle Vulnerability types Addressed by MST-wi Rank Audit 6 1(16%) 10th Authenticate Actors 28 12 (43%) 4th Authorize Actors 60 34 (57%) 3rd Cross Cutting 9 3 (33%) 6th Encrypt Data 38 8 (21%) 8th Identify Actors 12 3 (25%) 7th Limit Access 8 3 (38%) 5th Limit Exposure 6 0 (0%) 11th Lock Computer 1 0 (0%) 11th Manage User Session 6 4 (67%) 2nd Validate Inputs 39 31 (79%) 1st Verify Message Integrity 19 2 (20%) 9th Total 223 101 (45%) Summary of the CWE architectural security design principles and weaknesses addressed by MST-wi.
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 16 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – How does MST-wi compare to state-of-the-art SAST and DAST tools? • We compared the vulnerability types detected by MST-wi, with the vulnerability types detected by state- of-the-art SAST and DAST tool reported in a recent empirical study
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 17 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – How does MST-wi compare to state-of-the-art SAST and DAST tools? Security Design Principle Weaknesses Addresses by Weaknesses Addressed by MST but not by Weaknesses bot addresses by MST but addresses by MST Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Audit 1 0 0 0 3 1 1 1 0 0 0 0 2 Authenticate Actors 12 0 2 1 9 12 11 11 7 0 1 0 4 Authorize Actors 34 2 0 1 13 32 34 34 25 0 0 1 4 Cross Cutting 3 0 0 2 0 3 3 2 3 0 0 1 0 Encrypt Data 8 2 5 8 10 8 8 7 4 2 5 7 6 Identify Actors 3 1 1 1 7 3 3 3 1 1 1 1 5 Limit Access 3 0 1 1 5 3 3 2 0 0 1 0 2 Limit Exposure 0 1 0 0 1 0 0 0 0 1 0 0 1 Lock Computer 0 0 0 0 0 0 0 0 0 0 0 0 0 Manage User Session 4 0 0 0 2 4 4 4 2 0 0 0 0 Validate Inputs 31 10 7 2 14 24 25 30 19 3 1 1 2 Verify Message Integrity 2 1 0 0 3 2 2 2 1 1 0 0 2 Total 101 17 16 16 67 92 94 96 62 8 9 11 28 84 The set of weaknesses targeted by MST-wi is larger than what can be targeted by applying all four competing approaches together.
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 18 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – Is MST-wi effective? Applied MST-wi to test well-known Web systems: • Jenkins v 2.121 • Joomla v. 3.8.7. Assessed MST-wi capability to detect known vulnerabilities: • 11 for Jenkins, 3 for Joomla. • One of them discovered by MST-wi (CVE-2018-17857) Considered two setups: • Derive source inputs with crawler only • Consider additional manually implemented functional test cases Metrics: • Sensitivity: proportion of vulnerabilities identified • Specificity: proportion of inputs not leading to false alarms
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 19 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – Is MST-wi effective? • The high specificity indicates that only a negligible fraction of follow-up inputs leads to false alarms • Since sensitivity reflects the fault detection rate (i.e., the proportion of vulnerabilities discovered), we conclude that our approach is highly effective • We can discover more than 60% of vulnerabilities in a completely automated manner, using only the crawler • And up to 85% using both crawler and manual inputs
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 20 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 https://github.com/MetamorphicSecurityTesting/MST
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 21 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 Metamorphic Testing for Web System Security Presented by: Nazanin Bayati 13 September 2023 N. Bayati Chaleshtari, F. Pastore, A. Goknil, and L. Briand, "Metamorphic Testing for Web System Security", IEEE Transactions on Software Engineering, 2023, https://ieeexplore.ieee.org/document/10089522 n.bayati@uottawa.ca University of Ottawa University of Luxembourg
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 23 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – How does MST-wi compare to state-of-the-art SAST and DAST tools? Security Design Principle Weaknesses Addresses by Weaknesses Addressed by MST but not by Weaknesses bot addresses by MST but addresses by MST Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Audit 1 0 0 0 3 1 1 1 0 0 0 0 2 Authenticate Actors 12 0 2 1 9 12 11 11 7 0 1 0 4 Authorize Actors 34 2 0 1 13 32 34 34 25 0 0 1 4 Cross Cutting 3 0 0 2 0 3 3 2 3 0 0 1 0 Encrypt Data 8 2 5 8 10 8 8 7 4 2 5 7 6 Identify Actors 3 1 1 1 7 3 3 3 1 1 1 1 5 Limit Access 3 0 1 1 5 3 3 2 0 0 1 0 2 Limit Exposure 0 1 0 0 1 0 0 0 0 1 0 0 1 Lock Computer 0 0 0 0 0 0 0 0 0 0 0 0 0 Manage User Session 4 0 0 0 2 4 4 4 2 0 0 0 0 Validate Inputs 31 10 7 2 14 24 25 30 19 3 1 1 2 Verify Message Integrity 2 1 0 0 3 2 2 2 1 1 0 0 2 Total 101 17 16 16 67 92 94 96 62 8 9 11 28 56 MST can detect 56 weaknesses that any other approach cannot address.
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 24 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – How does MST-wi compare to state-of-the-art SAST and DAST tools? Security Design Principle Weaknesses Addresses by Weaknesses Addressed by MST but not by Weaknesses not addresses by MST but addresses by MST Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Audit 1 0 0 0 3 1 1 1 0 0 0 0 2 Authenticate Actors 12 0 2 1 9 12 11 11 7 0 1 0 4 Authorize Actors 34 2 0 1 13 32 34 34 25 0 0 1 4 Cross Cutting 3 0 0 2 0 3 3 2 3 0 0 1 0 Encrypt Data 8 2 5 8 10 8 8 7 4 2 5 7 6 Identify Actors 3 1 1 1 7 3 3 3 1 1 1 1 5 Limit Access 3 0 1 1 5 3 3 2 0 0 1 0 2 Limit Exposure 0 1 0 0 1 0 0 0 0 1 0 0 1 Lock Computer 0 0 0 0 0 0 0 0 0 0 0 0 0 Manage User Session 4 0 0 0 2 4 4 4 2 0 0 0 0 Validate Inputs 31 10 7 2 14 24 25 30 19 3 1 1 2 Verify Message Integrity 2 1 0 0 3 2 2 2 1 1 0 0 2 Total 101 17 16 16 67 92 94 96 62 8 9 11 28 39 Combined together, DAST/SAST approaches can address only 39 weaknesses that MST-wi does not address.
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 25 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – How does MST-wi compare to state-of-the-art SAST and DAST tools? Security Design Principle Weaknesses Addresses by Weaknesses Addressed by MST but not by Weaknesses not addresses by MST but addresses by MST Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Audit 1 0 0 0 3 1 1 1 0 0 0 0 2 Authenticate Actors 12 0 2 1 9 12 11 11 7 0 1 0 4 Authorize Actors 34 2 0 1 13 32 34 34 25 0 0 1 4 Cross Cutting 3 0 0 2 0 3 3 2 3 0 0 1 0 Encrypt Data 8 2 5 8 10 8 8 7 4 2 5 7 6 Identify Actors 3 1 1 1 7 3 3 3 1 1 1 1 5 Limit Access 3 0 1 1 5 3 3 2 0 0 1 0 2 Limit Exposure 0 1 0 0 1 0 0 0 0 1 0 0 1 Lock Computer 0 0 0 0 0 0 0 0 0 0 0 0 0 Manage User Session 4 0 0 0 2 4 4 4 2 0 0 0 0 Validate Inputs 31 10 7 2 14 24 25 30 19 3 1 1 2 Verify Message Integrity 2 1 0 0 3 2 2 2 1 1 0 0 2 Total 101 17 16 16 67 92 94 96 62 8 9 11 28 39 Combined together, DAST/SAST approaches can address only 39 weaknesses that MST-wi does not address. • The weaknesses that MST-wi cannot address are mostly those (i) that can only be discovered using program analysis, (ii) that are not related to user-system interactions, or (iii) that concern non-Web-based systems.
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 26 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – How does MST-wi compare to state-of-the-art SAST and DAST tools? Security Design Principle Weaknesses Addresses by Weaknesses Addressed by MST but not by Weaknesses bot addresses by MST but addresses by MST Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Audit 1 0 0 0 3 1 1 1 0 0 0 0 2 Authenticate Actors 12 0 2 1 9 12 11 11 7 0 1 0 4 Authorize Actors 34 2 0 1 13 32 34 34 25 0 0 1 4 Cross Cutting 3 0 0 2 0 3 3 2 3 0 0 1 0 Encrypt Data 8 2 5 8 10 8 8 7 4 2 5 7 6 Identify Actors 3 1 1 1 7 3 3 3 1 1 1 1 5 Limit Access 3 0 1 1 5 3 3 2 0 0 1 0 2 Limit Exposure 0 1 0 0 1 0 0 0 0 1 0 0 1 Lock Computer 0 0 0 0 0 0 0 0 0 0 0 0 0 Manage User Session 4 0 0 0 2 4 4 4 2 0 0 0 0 Validate Inputs 31 10 7 2 14 24 25 30 19 3 1 1 2 Verify Message Integrity 2 1 0 0 3 2 2 2 1 1 0 0 2 Total 101 17 16 16 67 92 94 96 62 8 9 11 28 Combining MST-wi with SA2 seems to be a particularly effective combination as it enables detecting 129 weaknesses (i.e., 101 + 28), which is 92% of the 140 weaknesses that can be detected by any approach.
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 29 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi: Metamorphic Security Testing for Web Interfaces Web System Execute the Data Collection Framework List of Predefined Metamorphic Relations Select and Specify the MRs Execute the Metamorphic Testing Framework Test results Transform MRs to Java List of MRs Executable MRs S(x,y) Source Inputs
University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 30 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – Is MST-wi effective? • The high specificity indicates that only a negligible fraction of follow-up inputs leads to false alarms • Since sensitivity reflects the fault detection rate (i.e., the proportion of vulnerabilities discovered), we conclude that our approach is highly effective • We can discover more than 60% of vulnerabilities in a completely automated manner, using only the crawler • And up to 85% using both crawler and manual inputs
Ad

Recommended

Spark with Delta Lake
Spark with Delta LakeSpark with Delta Lake
Spark with Delta Lake
Knoldus Inc.
 
Natural Language Search with Knowledge Graphs (Haystack 2019)
Natural Language Search with Knowledge Graphs (Haystack 2019)Natural Language Search with Knowledge Graphs (Haystack 2019)
Natural Language Search with Knowledge Graphs (Haystack 2019)
Trey Grainger
 
Advanced SQL For Data Scientists
Advanced SQL For Data ScientistsAdvanced SQL For Data Scientists
Advanced SQL For Data Scientists
Databricks
 
Creating a Data validation and Testing Strategy
Creating a Data validation and Testing StrategyCreating a Data validation and Testing Strategy
Creating a Data validation and Testing Strategy
RTTS
 
Data Engineering
Data EngineeringData Engineering
Data Engineering
kiansahafi
 
Microsoft SQL Server Analysis Services (SSAS) - A Practical Introduction
Microsoft SQL Server Analysis Services (SSAS) - A Practical Introduction Microsoft SQL Server Analysis Services (SSAS) - A Practical Introduction
Microsoft SQL Server Analysis Services (SSAS) - A Practical Introduction
Mark Ginnebaugh
 
Free Training: How to Build a Lakehouse
Free Training: How to Build a LakehouseFree Training: How to Build a Lakehouse
Free Training: How to Build a Lakehouse
Databricks
 
Introduction to Data Engineering
Introduction to Data EngineeringIntroduction to Data Engineering
Introduction to Data Engineering
Durga Gadiraju
 
Networking in Java with NIO and Netty
Networking in Java with NIO and NettyNetworking in Java with NIO and Netty
Networking in Java with NIO and Netty
Constantine Slisenka
 
Getting Started with Databricks SQL Analytics
Getting Started with Databricks SQL AnalyticsGetting Started with Databricks SQL Analytics
Getting Started with Databricks SQL Analytics
Databricks
 
Optimizing Delta/Parquet Data Lakes for Apache Spark
Optimizing Delta/Parquet Data Lakes for Apache SparkOptimizing Delta/Parquet Data Lakes for Apache Spark
Optimizing Delta/Parquet Data Lakes for Apache Spark
Databricks
 
Getting started with postgresql
Getting started with postgresqlGetting started with postgresql
Getting started with postgresql
botsplash.com
 
Apache Flink and what it is used for
Apache Flink and what it is used forApache Flink and what it is used for
Apache Flink and what it is used for
Aljoscha Krettek
 
Understanding Query Plans and Spark UIs
Understanding Query Plans and Spark UIsUnderstanding Query Plans and Spark UIs
Understanding Query Plans and Spark UIs
Databricks
 
PostgreSQL and JDBC: striving for high performance
PostgreSQL and JDBC: striving for high performancePostgreSQL and JDBC: striving for high performance
PostgreSQL and JDBC: striving for high performance
Vladimir Sitnikov
 
Apache HAWQ Architecture
Apache HAWQ ArchitectureApache HAWQ Architecture
Apache HAWQ Architecture
Alexey Grishchenko
 
Presto best practices for Cluster admins, data engineers and analysts
Presto best practices for Cluster admins, data engineers and analystsPresto best practices for Cluster admins, data engineers and analysts
Presto best practices for Cluster admins, data engineers and analysts
Shubham Tagra
 
Adaptive Query Execution: Speeding Up Spark SQL at Runtime
Adaptive Query Execution: Speeding Up Spark SQL at RuntimeAdaptive Query Execution: Speeding Up Spark SQL at Runtime
Adaptive Query Execution: Speeding Up Spark SQL at Runtime
Databricks
 
Power bi
Power biPower bi
Power bi
jainema23
 
Demystifying Data Warehousing as a Service (GLOC 2019)
Demystifying Data Warehousing as a Service (GLOC 2019)Demystifying Data Warehousing as a Service (GLOC 2019)
Demystifying Data Warehousing as a Service (GLOC 2019)
Kent Graziano
 
Azure Event Hubs - Behind the Scenes With Kasun Indrasiri | Current 2022
Azure Event Hubs - Behind the Scenes With Kasun Indrasiri | Current 2022Azure Event Hubs - Behind the Scenes With Kasun Indrasiri | Current 2022
Azure Event Hubs - Behind the Scenes With Kasun Indrasiri | Current 2022
HostedbyConfluent
 
Large Scale Lakehouse Implementation Using Structured Streaming
Large Scale Lakehouse Implementation Using Structured StreamingLarge Scale Lakehouse Implementation Using Structured Streaming
Large Scale Lakehouse Implementation Using Structured Streaming
Databricks
 
Power BI Overview
Power BI OverviewPower BI Overview
Power BI Overview
James Serra
 
APEX Connect 2019 - SQL Tuning 101
APEX Connect 2019 - SQL Tuning 101APEX Connect 2019 - SQL Tuning 101
APEX Connect 2019 - SQL Tuning 101
Connor McDonald
 
Feature store: Solving anti-patterns in ML-systems
Feature store: Solving anti-patterns in ML-systemsFeature store: Solving anti-patterns in ML-systems
Feature store: Solving anti-patterns in ML-systems
Andrzej Michałowski
 
Power BI Made Simple
Power BI Made SimplePower BI Made Simple
Power BI Made Simple
James Serra
 
Apache Arrow - An Overview
Apache Arrow - An OverviewApache Arrow - An Overview
Apache Arrow - An Overview
Dremio Corporation
 
File Format Benchmark - Avro, JSON, ORC & Parquet
File Format Benchmark - Avro, JSON, ORC & ParquetFile Format Benchmark - Avro, JSON, ORC & Parquet
File Format Benchmark - Avro, JSON, ORC & Parquet
DataWorks Summit/Hadoop Summit
 
IRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network SecurityIRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network Security
IRJET Journal
 
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORKA PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
IRJET Journal
 
Ad

More Related Content

What's hot (20)

Networking in Java with NIO and Netty
Networking in Java with NIO and NettyNetworking in Java with NIO and Netty
Networking in Java with NIO and Netty
Constantine Slisenka
 
Getting Started with Databricks SQL Analytics
Getting Started with Databricks SQL AnalyticsGetting Started with Databricks SQL Analytics
Getting Started with Databricks SQL Analytics
Databricks
 
Optimizing Delta/Parquet Data Lakes for Apache Spark
Optimizing Delta/Parquet Data Lakes for Apache SparkOptimizing Delta/Parquet Data Lakes for Apache Spark
Optimizing Delta/Parquet Data Lakes for Apache Spark
Databricks
 
Getting started with postgresql
Getting started with postgresqlGetting started with postgresql
Getting started with postgresql
botsplash.com
 
Apache Flink and what it is used for
Apache Flink and what it is used forApache Flink and what it is used for
Apache Flink and what it is used for
Aljoscha Krettek
 
Understanding Query Plans and Spark UIs
Understanding Query Plans and Spark UIsUnderstanding Query Plans and Spark UIs
Understanding Query Plans and Spark UIs
Databricks
 
PostgreSQL and JDBC: striving for high performance
PostgreSQL and JDBC: striving for high performancePostgreSQL and JDBC: striving for high performance
PostgreSQL and JDBC: striving for high performance
Vladimir Sitnikov
 
Apache HAWQ Architecture
Apache HAWQ ArchitectureApache HAWQ Architecture
Apache HAWQ Architecture
Alexey Grishchenko
 
Presto best practices for Cluster admins, data engineers and analysts
Presto best practices for Cluster admins, data engineers and analystsPresto best practices for Cluster admins, data engineers and analysts
Presto best practices for Cluster admins, data engineers and analysts
Shubham Tagra
 
Adaptive Query Execution: Speeding Up Spark SQL at Runtime
Adaptive Query Execution: Speeding Up Spark SQL at RuntimeAdaptive Query Execution: Speeding Up Spark SQL at Runtime
Adaptive Query Execution: Speeding Up Spark SQL at Runtime
Databricks
 
Power bi
Power biPower bi
Power bi
jainema23
 
Demystifying Data Warehousing as a Service (GLOC 2019)
Demystifying Data Warehousing as a Service (GLOC 2019)Demystifying Data Warehousing as a Service (GLOC 2019)
Demystifying Data Warehousing as a Service (GLOC 2019)
Kent Graziano
 
Azure Event Hubs - Behind the Scenes With Kasun Indrasiri | Current 2022
Azure Event Hubs - Behind the Scenes With Kasun Indrasiri | Current 2022Azure Event Hubs - Behind the Scenes With Kasun Indrasiri | Current 2022
Azure Event Hubs - Behind the Scenes With Kasun Indrasiri | Current 2022
HostedbyConfluent
 
Large Scale Lakehouse Implementation Using Structured Streaming
Large Scale Lakehouse Implementation Using Structured StreamingLarge Scale Lakehouse Implementation Using Structured Streaming
Large Scale Lakehouse Implementation Using Structured Streaming
Databricks
 
Power BI Overview
Power BI OverviewPower BI Overview
Power BI Overview
James Serra
 
APEX Connect 2019 - SQL Tuning 101
APEX Connect 2019 - SQL Tuning 101APEX Connect 2019 - SQL Tuning 101
APEX Connect 2019 - SQL Tuning 101
Connor McDonald
 
Feature store: Solving anti-patterns in ML-systems
Feature store: Solving anti-patterns in ML-systemsFeature store: Solving anti-patterns in ML-systems
Feature store: Solving anti-patterns in ML-systems
Andrzej Michałowski
 
Power BI Made Simple
Power BI Made SimplePower BI Made Simple
Power BI Made Simple
James Serra
 
Apache Arrow - An Overview
Apache Arrow - An OverviewApache Arrow - An Overview
Apache Arrow - An Overview
Dremio Corporation
 
File Format Benchmark - Avro, JSON, ORC & Parquet
File Format Benchmark - Avro, JSON, ORC & ParquetFile Format Benchmark - Avro, JSON, ORC & Parquet
File Format Benchmark - Avro, JSON, ORC & Parquet
DataWorks Summit/Hadoop Summit
 
Networking in Java with NIO and Netty
Networking in Java with NIO and NettyNetworking in Java with NIO and Netty
Networking in Java with NIO and Netty
Constantine Slisenka
 
Getting Started with Databricks SQL Analytics
Getting Started with Databricks SQL AnalyticsGetting Started with Databricks SQL Analytics
Getting Started with Databricks SQL Analytics
Databricks
 
Optimizing Delta/Parquet Data Lakes for Apache Spark
Optimizing Delta/Parquet Data Lakes for Apache SparkOptimizing Delta/Parquet Data Lakes for Apache Spark
Optimizing Delta/Parquet Data Lakes for Apache Spark
Databricks
 
Getting started with postgresql
Getting started with postgresqlGetting started with postgresql
Getting started with postgresql
botsplash.com
 
Apache Flink and what it is used for
Apache Flink and what it is used forApache Flink and what it is used for
Apache Flink and what it is used for
Aljoscha Krettek
 
Understanding Query Plans and Spark UIs
Understanding Query Plans and Spark UIsUnderstanding Query Plans and Spark UIs
Understanding Query Plans and Spark UIs
Databricks
 
PostgreSQL and JDBC: striving for high performance
PostgreSQL and JDBC: striving for high performancePostgreSQL and JDBC: striving for high performance
PostgreSQL and JDBC: striving for high performance
Vladimir Sitnikov
 
Apache HAWQ Architecture
Apache HAWQ ArchitectureApache HAWQ Architecture
Apache HAWQ Architecture
Alexey Grishchenko
 
Presto best practices for Cluster admins, data engineers and analysts
Presto best practices for Cluster admins, data engineers and analystsPresto best practices for Cluster admins, data engineers and analysts
Presto best practices for Cluster admins, data engineers and analysts
Shubham Tagra
 
Adaptive Query Execution: Speeding Up Spark SQL at Runtime
Adaptive Query Execution: Speeding Up Spark SQL at RuntimeAdaptive Query Execution: Speeding Up Spark SQL at Runtime
Adaptive Query Execution: Speeding Up Spark SQL at Runtime
Databricks
 
Power bi
Power biPower bi
Power bi
jainema23
 
Demystifying Data Warehousing as a Service (GLOC 2019)
Demystifying Data Warehousing as a Service (GLOC 2019)Demystifying Data Warehousing as a Service (GLOC 2019)
Demystifying Data Warehousing as a Service (GLOC 2019)
Kent Graziano
 
Azure Event Hubs - Behind the Scenes With Kasun Indrasiri | Current 2022
Azure Event Hubs - Behind the Scenes With Kasun Indrasiri | Current 2022Azure Event Hubs - Behind the Scenes With Kasun Indrasiri | Current 2022
Azure Event Hubs - Behind the Scenes With Kasun Indrasiri | Current 2022
HostedbyConfluent
 
Large Scale Lakehouse Implementation Using Structured Streaming
Large Scale Lakehouse Implementation Using Structured StreamingLarge Scale Lakehouse Implementation Using Structured Streaming
Large Scale Lakehouse Implementation Using Structured Streaming
Databricks
 
Power BI Overview
Power BI OverviewPower BI Overview
Power BI Overview
James Serra
 
APEX Connect 2019 - SQL Tuning 101
APEX Connect 2019 - SQL Tuning 101APEX Connect 2019 - SQL Tuning 101
APEX Connect 2019 - SQL Tuning 101
Connor McDonald
 
Feature store: Solving anti-patterns in ML-systems
Feature store: Solving anti-patterns in ML-systemsFeature store: Solving anti-patterns in ML-systems
Feature store: Solving anti-patterns in ML-systems
Andrzej Michałowski
 
Power BI Made Simple
Power BI Made SimplePower BI Made Simple
Power BI Made Simple
James Serra
 
Apache Arrow - An Overview
Apache Arrow - An OverviewApache Arrow - An Overview
Apache Arrow - An Overview
Dremio Corporation
 
File Format Benchmark - Avro, JSON, ORC & Parquet
File Format Benchmark - Avro, JSON, ORC & ParquetFile Format Benchmark - Avro, JSON, ORC & Parquet
File Format Benchmark - Avro, JSON, ORC & Parquet
DataWorks Summit/Hadoop Summit
 

Similar to Metamorphic Testing for Web System Security (20)

IRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network SecurityIRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network Security
IRJET Journal
 
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORKA PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
IRJET Journal
 
spamzombieppt
spamzombiepptspamzombieppt
spamzombieppt
kajol agarwal
 
A Study on Vulnerability Management
A Study on Vulnerability ManagementA Study on Vulnerability Management
A Study on Vulnerability Management
IRJET Journal
 
An anomalous behavior detection model in cloud computing
An anomalous behavior detection model in cloud computingAn anomalous behavior detection model in cloud computing
An anomalous behavior detection model in cloud computing
redpel dot com
 
IRJET- An Intrusion Detection Framework based on Binary Classifiers Optimized...
IRJET- An Intrusion Detection Framework based on Binary Classifiers Optimized...IRJET- An Intrusion Detection Framework based on Binary Classifiers Optimized...
IRJET- An Intrusion Detection Framework based on Binary Classifiers Optimized...
IRJET Journal
 
BOTNET DETECTION USING VARIOUS MACHINE LEARNING ALGORITHMS: A REVIEW
BOTNET DETECTION USING VARIOUS MACHINE LEARNING ALGORITHMS: A REVIEWBOTNET DETECTION USING VARIOUS MACHINE LEARNING ALGORITHMS: A REVIEW
BOTNET DETECTION USING VARIOUS MACHINE LEARNING ALGORITHMS: A REVIEW
IRJET Journal
 
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
SBGC
 
IEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network SecurityIEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network Security
SBGC
 
BLOCKHUNTER.pptx
BLOCKHUNTER.pptxBLOCKHUNTER.pptx
BLOCKHUNTER.pptx
BhanuCharan9
 
VULNERABILITY ( CYBER SECURITY )
VULNERABILITY ( CYBER SECURITY )VULNERABILITY ( CYBER SECURITY )
VULNERABILITY ( CYBER SECURITY )
Kashyap Mandaliya
 
Elevating Connectivity Exploring - Telecom Security Monitoring Solutions.pdf
Elevating Connectivity Exploring - Telecom Security Monitoring Solutions.pdfElevating Connectivity Exploring - Telecom Security Monitoring Solutions.pdf
Elevating Connectivity Exploring - Telecom Security Monitoring Solutions.pdf
SecurityGen1
 
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed ServersIRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET Journal
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
Mohammed Adam
 
Common Tools Used in Penetration Testing.pptx (1).pdf
Common Tools Used in Penetration Testing.pptx (1).pdfCommon Tools Used in Penetration Testing.pptx (1).pdf
Common Tools Used in Penetration Testing.pptx (1).pdf
Rosy G
 
IRJET- Gray-Hole Attack Minimization based on contradiction for ad-hoc networks
IRJET- Gray-Hole Attack Minimization based on contradiction for ad-hoc networksIRJET- Gray-Hole Attack Minimization based on contradiction for ad-hoc networks
IRJET- Gray-Hole Attack Minimization based on contradiction for ad-hoc networks
IRJET Journal
 
Analyze and Detect Packet Loss for Data Transmission in WSN
Analyze and Detect Packet Loss for Data Transmission in WSNAnalyze and Detect Packet Loss for Data Transmission in WSN
Analyze and Detect Packet Loss for Data Transmission in WSN
IJERA Editor
 
Deploying Network Taps for Improved Security
Deploying Network Taps for Improved SecurityDeploying Network Taps for Improved Security
Deploying Network Taps for Improved Security
Datacomsystemsinc
 
Network testing and debugging
Network testing and debuggingNetwork testing and debugging
Network testing and debugging
SADEED AMEEN
 
Detecting Victim Systems In Client Networks Using Coarse Grained Botnet Algor...
Detecting Victim Systems In Client Networks Using Coarse Grained Botnet Algor...Detecting Victim Systems In Client Networks Using Coarse Grained Botnet Algor...
Detecting Victim Systems In Client Networks Using Coarse Grained Botnet Algor...
IRJET Journal
 
IRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network SecurityIRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network Security
IRJET Journal
 
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORKA PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
IRJET Journal
 
spamzombieppt
spamzombiepptspamzombieppt
spamzombieppt
kajol agarwal
 
A Study on Vulnerability Management
A Study on Vulnerability ManagementA Study on Vulnerability Management
A Study on Vulnerability Management
IRJET Journal
 
An anomalous behavior detection model in cloud computing
An anomalous behavior detection model in cloud computingAn anomalous behavior detection model in cloud computing
An anomalous behavior detection model in cloud computing
redpel dot com
 
IRJET- An Intrusion Detection Framework based on Binary Classifiers Optimized...
IRJET- An Intrusion Detection Framework based on Binary Classifiers Optimized...IRJET- An Intrusion Detection Framework based on Binary Classifiers Optimized...
IRJET- An Intrusion Detection Framework based on Binary Classifiers Optimized...
IRJET Journal
 
BOTNET DETECTION USING VARIOUS MACHINE LEARNING ALGORITHMS: A REVIEW
BOTNET DETECTION USING VARIOUS MACHINE LEARNING ALGORITHMS: A REVIEWBOTNET DETECTION USING VARIOUS MACHINE LEARNING ALGORITHMS: A REVIEW
BOTNET DETECTION USING VARIOUS MACHINE LEARNING ALGORITHMS: A REVIEW
IRJET Journal
 
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
SBGC
 
IEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network SecurityIEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network Security
SBGC
 
BLOCKHUNTER.pptx
BLOCKHUNTER.pptxBLOCKHUNTER.pptx
BLOCKHUNTER.pptx
BhanuCharan9
 
VULNERABILITY ( CYBER SECURITY )
VULNERABILITY ( CYBER SECURITY )VULNERABILITY ( CYBER SECURITY )
VULNERABILITY ( CYBER SECURITY )
Kashyap Mandaliya
 
Elevating Connectivity Exploring - Telecom Security Monitoring Solutions.pdf
Elevating Connectivity Exploring - Telecom Security Monitoring Solutions.pdfElevating Connectivity Exploring - Telecom Security Monitoring Solutions.pdf
Elevating Connectivity Exploring - Telecom Security Monitoring Solutions.pdf
SecurityGen1
 
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed ServersIRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET Journal
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
Mohammed Adam
 
Common Tools Used in Penetration Testing.pptx (1).pdf
Common Tools Used in Penetration Testing.pptx (1).pdfCommon Tools Used in Penetration Testing.pptx (1).pdf
Common Tools Used in Penetration Testing.pptx (1).pdf
Rosy G
 
IRJET- Gray-Hole Attack Minimization based on contradiction for ad-hoc networks
IRJET- Gray-Hole Attack Minimization based on contradiction for ad-hoc networksIRJET- Gray-Hole Attack Minimization based on contradiction for ad-hoc networks
IRJET- Gray-Hole Attack Minimization based on contradiction for ad-hoc networks
IRJET Journal
 
Analyze and Detect Packet Loss for Data Transmission in WSN
Analyze and Detect Packet Loss for Data Transmission in WSNAnalyze and Detect Packet Loss for Data Transmission in WSN
Analyze and Detect Packet Loss for Data Transmission in WSN
IJERA Editor
 
Deploying Network Taps for Improved Security
Deploying Network Taps for Improved SecurityDeploying Network Taps for Improved Security
Deploying Network Taps for Improved Security
Datacomsystemsinc
 
Network testing and debugging
Network testing and debuggingNetwork testing and debugging
Network testing and debugging
SADEED AMEEN
 
Detecting Victim Systems In Client Networks Using Coarse Grained Botnet Algor...
Detecting Victim Systems In Client Networks Using Coarse Grained Botnet Algor...Detecting Victim Systems In Client Networks Using Coarse Grained Botnet Algor...
Detecting Victim Systems In Client Networks Using Coarse Grained Botnet Algor...
IRJET Journal
 
Ad

More from Lionel Briand (20)

FlakyFix: Using Large Language Models for Predicting Flaky Test Fix Categorie...
FlakyFix: Using Large Language Models for Predicting Flaky Test Fix Categorie...FlakyFix: Using Large Language Models for Predicting Flaky Test Fix Categorie...
FlakyFix: Using Large Language Models for Predicting Flaky Test Fix Categorie...
Lionel Briand
 
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Lionel Briand
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
Lionel Briand
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and Repair
Lionel Briand
 
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Lionel Briand
 
Fuzzing for CPS Mutation Testing
Fuzzing for CPS Mutation TestingFuzzing for CPS Mutation Testing
Fuzzing for CPS Mutation Testing
Lionel Briand
 
Data-driven Mutation Analysis for Cyber-Physical Systems
Data-driven Mutation Analysis for Cyber-Physical SystemsData-driven Mutation Analysis for Cyber-Physical Systems
Data-driven Mutation Analysis for Cyber-Physical Systems
Lionel Briand
 
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled SystemsMany-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Lionel Briand
 
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
Lionel Briand
 
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Lionel Briand
 
PRINS: Scalable Model Inference for Component-based System Logs
PRINS: Scalable Model Inference for Component-based System LogsPRINS: Scalable Model Inference for Component-based System Logs
PRINS: Scalable Model Inference for Component-based System Logs
Lionel Briand
 
Revisiting the Notion of Diversity in Software Testing
Revisiting the Notion of Diversity in Software TestingRevisiting the Notion of Diversity in Software Testing
Revisiting the Notion of Diversity in Software Testing
Lionel Briand
 
Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Applications of Search-based Software Testing to Trustworthy Artificial Intel...Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Lionel Briand
 
Autonomous Systems: How to Address the Dilemma between Autonomy and Safety
Autonomous Systems: How to Address the Dilemma between Autonomy and SafetyAutonomous Systems: How to Address the Dilemma between Autonomy and Safety
Autonomous Systems: How to Address the Dilemma between Autonomy and Safety
Lionel Briand
 
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Lionel Briand
 
Reinforcement Learning for Test Case Prioritization
Reinforcement Learning for Test Case PrioritizationReinforcement Learning for Test Case Prioritization
Reinforcement Learning for Test Case Prioritization
Lionel Briand
 
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Lionel Briand
 
On Systematically Building a Controlled Natural Language for Functional Requi...
On Systematically Building a Controlled Natural Language for Functional Requi...On Systematically Building a Controlled Natural Language for Functional Requi...
On Systematically Building a Controlled Natural Language for Functional Requi...
Lionel Briand
 
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Lionel Briand
 
Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Guidelines for Assessing the Accuracy of Log Message Template Identification ...Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Lionel Briand
 
FlakyFix: Using Large Language Models for Predicting Flaky Test Fix Categorie...
FlakyFix: Using Large Language Models for Predicting Flaky Test Fix Categorie...FlakyFix: Using Large Language Models for Predicting Flaky Test Fix Categorie...
FlakyFix: Using Large Language Models for Predicting Flaky Test Fix Categorie...
Lionel Briand
 
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Lionel Briand
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
Lionel Briand
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and Repair
Lionel Briand
 
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Lionel Briand
 
Fuzzing for CPS Mutation Testing
Fuzzing for CPS Mutation TestingFuzzing for CPS Mutation Testing
Fuzzing for CPS Mutation Testing
Lionel Briand
 
Data-driven Mutation Analysis for Cyber-Physical Systems
Data-driven Mutation Analysis for Cyber-Physical SystemsData-driven Mutation Analysis for Cyber-Physical Systems
Data-driven Mutation Analysis for Cyber-Physical Systems
Lionel Briand
 
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled SystemsMany-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Lionel Briand
 
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
Lionel Briand
 
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Lionel Briand
 
PRINS: Scalable Model Inference for Component-based System Logs
PRINS: Scalable Model Inference for Component-based System LogsPRINS: Scalable Model Inference for Component-based System Logs
PRINS: Scalable Model Inference for Component-based System Logs
Lionel Briand
 
Revisiting the Notion of Diversity in Software Testing
Revisiting the Notion of Diversity in Software TestingRevisiting the Notion of Diversity in Software Testing
Revisiting the Notion of Diversity in Software Testing
Lionel Briand
 
Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Applications of Search-based Software Testing to Trustworthy Artificial Intel...Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Lionel Briand
 
Autonomous Systems: How to Address the Dilemma between Autonomy and Safety
Autonomous Systems: How to Address the Dilemma between Autonomy and SafetyAutonomous Systems: How to Address the Dilemma between Autonomy and Safety
Autonomous Systems: How to Address the Dilemma between Autonomy and Safety
Lionel Briand
 
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Lionel Briand
 
Reinforcement Learning for Test Case Prioritization
Reinforcement Learning for Test Case PrioritizationReinforcement Learning for Test Case Prioritization
Reinforcement Learning for Test Case Prioritization
Lionel Briand
 
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Lionel Briand
 
On Systematically Building a Controlled Natural Language for Functional Requi...
On Systematically Building a Controlled Natural Language for Functional Requi...On Systematically Building a Controlled Natural Language for Functional Requi...
On Systematically Building a Controlled Natural Language for Functional Requi...
Lionel Briand
 
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Lionel Briand
 
Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Guidelines for Assessing the Accuracy of Log Message Template Identification ...Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Lionel Briand
 
Ad

Recently uploaded (20)

How to Optimize Your AWS Environment for Improved Cloud Performance
How to Optimize Your AWS Environment for Improved Cloud PerformanceHow to Optimize Your AWS Environment for Improved Cloud Performance
How to Optimize Your AWS Environment for Improved Cloud Performance
ThousandEyes
 
The Significance of Hardware in Information Systems.pdf
The Significance of Hardware in Information Systems.pdfThe Significance of Hardware in Information Systems.pdf
The Significance of Hardware in Information Systems.pdf
drewplanas10
 
Adobe After Effects Crack FREE FRESH version 2025
Adobe After Effects Crack FREE FRESH version 2025Adobe After Effects Crack FREE FRESH version 2025
Adobe After Effects Crack FREE FRESH version 2025
kashifyounis067
 
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
steaveroggers
 
Kubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptxKubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptx
CloudScouts
 
Not So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java WebinarNot So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java Webinar
Tier1 app
 
Expand your AI adoption with AgentExchange
Expand your AI adoption with AgentExchangeExpand your AI adoption with AgentExchange
Expand your AI adoption with AgentExchange
Fexle Services Pvt. Ltd.
 
Secure Test Infrastructure: The Backbone of Trustworthy Software Development
Secure Test Infrastructure: The Backbone of Trustworthy Software DevelopmentSecure Test Infrastructure: The Backbone of Trustworthy Software Development
Secure Test Infrastructure: The Backbone of Trustworthy Software Development
Shubham Joshi
 
Why Orangescrum Is a Game Changer for Construction Companies in 2025
Why Orangescrum Is a Game Changer for Construction Companies in 2025Why Orangescrum Is a Game Changer for Construction Companies in 2025
Why Orangescrum Is a Game Changer for Construction Companies in 2025
Orangescrum
 
Societal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainabilitySocietal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainability
Jordi Cabot
 
Top 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docxTop 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docx
Portli
 
How can one start with crypto wallet development.pptx
How can one start with crypto wallet development.pptxHow can one start with crypto wallet development.pptx
How can one start with crypto wallet development.pptx
laravinson24
 
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
Egor Kaleynik
 
PDF Reader Pro Crack Latest Version FREE Download 2025
PDF Reader Pro Crack Latest Version FREE Download 2025PDF Reader Pro Crack Latest Version FREE Download 2025
PDF Reader Pro Crack Latest Version FREE Download 2025
mu394968
 
FL Studio Producer Edition Crack 2025 Full Version
FL Studio Producer Edition Crack 2025 Full VersionFL Studio Producer Edition Crack 2025 Full Version
FL Studio Producer Edition Crack 2025 Full Version
tahirabibi60507
 
WinRAR Crack for Windows (100% Working 2025)
WinRAR Crack for Windows (100% Working 2025)WinRAR Crack for Windows (100% Working 2025)
WinRAR Crack for Windows (100% Working 2025)
sh607827
 
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Eric D. Schabell
 
Solidworks Crack 2025 latest new + license code
Solidworks Crack 2025 latest new + license codeSolidworks Crack 2025 latest new + license code
Solidworks Crack 2025 latest new + license code
aneelaramzan63
 
LEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRY
LEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRYLEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRY
LEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRY
NidaFarooq10
 
Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025
mu394968
 
How to Optimize Your AWS Environment for Improved Cloud Performance
How to Optimize Your AWS Environment for Improved Cloud PerformanceHow to Optimize Your AWS Environment for Improved Cloud Performance
How to Optimize Your AWS Environment for Improved Cloud Performance
ThousandEyes
 
The Significance of Hardware in Information Systems.pdf
The Significance of Hardware in Information Systems.pdfThe Significance of Hardware in Information Systems.pdf
The Significance of Hardware in Information Systems.pdf
drewplanas10
 
Adobe After Effects Crack FREE FRESH version 2025
Adobe After Effects Crack FREE FRESH version 2025Adobe After Effects Crack FREE FRESH version 2025
Adobe After Effects Crack FREE FRESH version 2025
kashifyounis067
 
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
steaveroggers
 
Kubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptxKubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptx
CloudScouts
 
Not So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java WebinarNot So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java Webinar
Tier1 app
 
Expand your AI adoption with AgentExchange
Expand your AI adoption with AgentExchangeExpand your AI adoption with AgentExchange
Expand your AI adoption with AgentExchange
Fexle Services Pvt. Ltd.
 
Secure Test Infrastructure: The Backbone of Trustworthy Software Development
Secure Test Infrastructure: The Backbone of Trustworthy Software DevelopmentSecure Test Infrastructure: The Backbone of Trustworthy Software Development
Secure Test Infrastructure: The Backbone of Trustworthy Software Development
Shubham Joshi
 
Why Orangescrum Is a Game Changer for Construction Companies in 2025
Why Orangescrum Is a Game Changer for Construction Companies in 2025Why Orangescrum Is a Game Changer for Construction Companies in 2025
Why Orangescrum Is a Game Changer for Construction Companies in 2025
Orangescrum
 
Societal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainabilitySocietal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainability
Jordi Cabot
 
Top 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docxTop 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docx
Portli
 
How can one start with crypto wallet development.pptx
How can one start with crypto wallet development.pptxHow can one start with crypto wallet development.pptx
How can one start with crypto wallet development.pptx
laravinson24
 
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
Egor Kaleynik
 
PDF Reader Pro Crack Latest Version FREE Download 2025
PDF Reader Pro Crack Latest Version FREE Download 2025PDF Reader Pro Crack Latest Version FREE Download 2025
PDF Reader Pro Crack Latest Version FREE Download 2025
mu394968
 
FL Studio Producer Edition Crack 2025 Full Version
FL Studio Producer Edition Crack 2025 Full VersionFL Studio Producer Edition Crack 2025 Full Version
FL Studio Producer Edition Crack 2025 Full Version
tahirabibi60507
 
WinRAR Crack for Windows (100% Working 2025)
WinRAR Crack for Windows (100% Working 2025)WinRAR Crack for Windows (100% Working 2025)
WinRAR Crack for Windows (100% Working 2025)
sh607827
 
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Eric D. Schabell
 
Solidworks Crack 2025 latest new + license code
Solidworks Crack 2025 latest new + license codeSolidworks Crack 2025 latest new + license code
Solidworks Crack 2025 latest new + license code
aneelaramzan63
 
LEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRY
LEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRYLEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRY
LEARN SEO AND INCREASE YOUR KNOWLDGE IN SOFTWARE INDUSTRY
NidaFarooq10
 
Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025
mu394968
 

Metamorphic Testing for Web System Security

  • 1. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 1 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 Journal First – IEEE Transaction on Software Engineering Presented by: Nazanin Bayati 13 September 2023 University of Ottawa University of Luxembourg Nazanin Bayati University of Ottawa Fabrizio Pastore University of Luxembourg Lionel Briand University of Ottawa University of Luxembourg Arda Goknil SINTEF Digital, Norway Metamorphic Testing for Web System Security
  • 2. 2 Security vulnerabilities are subtle Discovered when testing with many inputs Specifying expected results is infeasible
  • 3. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 3 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 Metamorphic Testing alleviates the Oracle Problem • Metamorphic Testing (MT) is based on the idea that • it may be simpler to reason about relations between outputs of multiple test executions, called Metamorphic Relations (MRs), than to specify the output of the system for a given input • In MT, system properties are captured as MRs that • specify how to automatically transform an initial set of test inputs (source inputs) into follow-up test inputs • specify the relation between the outputs obtained from source and follow-up inputs • A failure is observed when such relations are violated.
  • 4. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 4 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 Metamorphic Security Testing • Source input: a sequence of valid interactions with the system {login(Admin), RequestURL(settings_page)} • Follow-up input: generated by altering valid interactions as an attacker would do {login(User1), RequestURL(settings_page)} • Relations: capture properties that hold when the system is not vulnerable if the user in the follow-up input cannot access the URL from her GUI then the output of the source and follow-up inputs should be different
  • 5. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 5 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi: Metamorphic Security Testing for Web Interfaces Web System Execute the Data Collection Framework Catalog of 76 Metamorphic Relations Select or Specify the Metamorphic Relations Execute the Metamorphic Testing Framework Test results Translate Metamorphic Relations to Java List of Metamorphic Relations Executable Metamorphic Relations in Java Source Inputs 1 2 3 4 Submit form logout Log in logout Log in
  • 6. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 6 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema
  • 7. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 7 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema
  • 8. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 8 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema
  • 9. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 9 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema
  • 10. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 10 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema
  • 11. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 11 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema
  • 12. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 12 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – MR Example • Security issue: Bypass Authorization Schema Our metamorphic testing algorithm executes each MR multiple times, to ensure that every possible combination of source and follow-up inputs is exercised
  • 13. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 13 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – Research Questions • RQ1. What testing activities can be automated thanks to oracle automation provided by MST-wi? • RQ2. What vulnerability types can MST-wi detect? • RQ3. What testability guidelines can we define to enable effective test automation with MST-wi? • RQ4. How does MST-wi compare to state-of-the-art SAST and DAST tools? • RQ5. Can we identify patterns for writing MST-wi relations? • RQ6. Is MST-wi effective? • RQ7. Is MST-wi efficient?
  • 14. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 14 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – What vulnerability types can MST-wi detect? • We investigated the feasibility of implementing MRs that discover the vulnerability types described in the MITRE Common Weakness Enumeration (CWE) database • Considered three subsets: • CWE view for common security architectural tactics • CWE Top 25 most dangerous software errors • OWASP Top 10 Web security risks • To implement an MR, for each weakness, we first inspect its description, its demonstrative examples, the description of concrete vulnerabilities (CVE) and common attack patterns (CAPEC) associated with the weakness. • This process led to a catalog of 76 MRs.
  • 15. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 15 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – What vulnerability types can MST-wi detect? Security Design Principle Vulnerability types Addressed by MST-wi Rank Audit 6 1(16%) 10th Authenticate Actors 28 12 (43%) 4th Authorize Actors 60 34 (57%) 3rd Cross Cutting 9 3 (33%) 6th Encrypt Data 38 8 (21%) 8th Identify Actors 12 3 (25%) 7th Limit Access 8 3 (38%) 5th Limit Exposure 6 0 (0%) 11th Lock Computer 1 0 (0%) 11th Manage User Session 6 4 (67%) 2nd Validate Inputs 39 31 (79%) 1st Verify Message Integrity 19 2 (20%) 9th Total 223 101 (45%) Summary of the CWE architectural security design principles and weaknesses addressed by MST-wi.
  • 16. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 16 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – How does MST-wi compare to state-of-the-art SAST and DAST tools? • We compared the vulnerability types detected by MST-wi, with the vulnerability types detected by state- of-the-art SAST and DAST tool reported in a recent empirical study
  • 17. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 17 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – How does MST-wi compare to state-of-the-art SAST and DAST tools? Security Design Principle Weaknesses Addresses by Weaknesses Addressed by MST but not by Weaknesses bot addresses by MST but addresses by MST Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Audit 1 0 0 0 3 1 1 1 0 0 0 0 2 Authenticate Actors 12 0 2 1 9 12 11 11 7 0 1 0 4 Authorize Actors 34 2 0 1 13 32 34 34 25 0 0 1 4 Cross Cutting 3 0 0 2 0 3 3 2 3 0 0 1 0 Encrypt Data 8 2 5 8 10 8 8 7 4 2 5 7 6 Identify Actors 3 1 1 1 7 3 3 3 1 1 1 1 5 Limit Access 3 0 1 1 5 3 3 2 0 0 1 0 2 Limit Exposure 0 1 0 0 1 0 0 0 0 1 0 0 1 Lock Computer 0 0 0 0 0 0 0 0 0 0 0 0 0 Manage User Session 4 0 0 0 2 4 4 4 2 0 0 0 0 Validate Inputs 31 10 7 2 14 24 25 30 19 3 1 1 2 Verify Message Integrity 2 1 0 0 3 2 2 2 1 1 0 0 2 Total 101 17 16 16 67 92 94 96 62 8 9 11 28 84 The set of weaknesses targeted by MST-wi is larger than what can be targeted by applying all four competing approaches together.
  • 18. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 18 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – Is MST-wi effective? Applied MST-wi to test well-known Web systems: • Jenkins v 2.121 • Joomla v. 3.8.7. Assessed MST-wi capability to detect known vulnerabilities: • 11 for Jenkins, 3 for Joomla. • One of them discovered by MST-wi (CVE-2018-17857) Considered two setups: • Derive source inputs with crawler only • Consider additional manually implemented functional test cases Metrics: • Sensitivity: proportion of vulnerabilities identified • Specificity: proportion of inputs not leading to false alarms
  • 19. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 19 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – Is MST-wi effective? • The high specificity indicates that only a negligible fraction of follow-up inputs leads to false alarms • Since sensitivity reflects the fault detection rate (i.e., the proportion of vulnerabilities discovered), we conclude that our approach is highly effective • We can discover more than 60% of vulnerabilities in a completely automated manner, using only the crawler • And up to 85% using both crawler and manual inputs
  • 20. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 20 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 https://github.com/MetamorphicSecurityTesting/MST
  • 21. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 21 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 Metamorphic Testing for Web System Security Presented by: Nazanin Bayati 13 September 2023 N. Bayati Chaleshtari, F. Pastore, A. Goknil, and L. Briand, "Metamorphic Testing for Web System Security", IEEE Transactions on Software Engineering, 2023, https://ieeexplore.ieee.org/document/10089522 [email protected] University of Ottawa University of Luxembourg
  • 22. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 23 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – How does MST-wi compare to state-of-the-art SAST and DAST tools? Security Design Principle Weaknesses Addresses by Weaknesses Addressed by MST but not by Weaknesses bot addresses by MST but addresses by MST Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Audit 1 0 0 0 3 1 1 1 0 0 0 0 2 Authenticate Actors 12 0 2 1 9 12 11 11 7 0 1 0 4 Authorize Actors 34 2 0 1 13 32 34 34 25 0 0 1 4 Cross Cutting 3 0 0 2 0 3 3 2 3 0 0 1 0 Encrypt Data 8 2 5 8 10 8 8 7 4 2 5 7 6 Identify Actors 3 1 1 1 7 3 3 3 1 1 1 1 5 Limit Access 3 0 1 1 5 3 3 2 0 0 1 0 2 Limit Exposure 0 1 0 0 1 0 0 0 0 1 0 0 1 Lock Computer 0 0 0 0 0 0 0 0 0 0 0 0 0 Manage User Session 4 0 0 0 2 4 4 4 2 0 0 0 0 Validate Inputs 31 10 7 2 14 24 25 30 19 3 1 1 2 Verify Message Integrity 2 1 0 0 3 2 2 2 1 1 0 0 2 Total 101 17 16 16 67 92 94 96 62 8 9 11 28 56 MST can detect 56 weaknesses that any other approach cannot address.
  • 23. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 24 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – How does MST-wi compare to state-of-the-art SAST and DAST tools? Security Design Principle Weaknesses Addresses by Weaknesses Addressed by MST but not by Weaknesses not addresses by MST but addresses by MST Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Audit 1 0 0 0 3 1 1 1 0 0 0 0 2 Authenticate Actors 12 0 2 1 9 12 11 11 7 0 1 0 4 Authorize Actors 34 2 0 1 13 32 34 34 25 0 0 1 4 Cross Cutting 3 0 0 2 0 3 3 2 3 0 0 1 0 Encrypt Data 8 2 5 8 10 8 8 7 4 2 5 7 6 Identify Actors 3 1 1 1 7 3 3 3 1 1 1 1 5 Limit Access 3 0 1 1 5 3 3 2 0 0 1 0 2 Limit Exposure 0 1 0 0 1 0 0 0 0 1 0 0 1 Lock Computer 0 0 0 0 0 0 0 0 0 0 0 0 0 Manage User Session 4 0 0 0 2 4 4 4 2 0 0 0 0 Validate Inputs 31 10 7 2 14 24 25 30 19 3 1 1 2 Verify Message Integrity 2 1 0 0 3 2 2 2 1 1 0 0 2 Total 101 17 16 16 67 92 94 96 62 8 9 11 28 39 Combined together, DAST/SAST approaches can address only 39 weaknesses that MST-wi does not address.
  • 24. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 25 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – How does MST-wi compare to state-of-the-art SAST and DAST tools? Security Design Principle Weaknesses Addresses by Weaknesses Addressed by MST but not by Weaknesses not addresses by MST but addresses by MST Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Audit 1 0 0 0 3 1 1 1 0 0 0 0 2 Authenticate Actors 12 0 2 1 9 12 11 11 7 0 1 0 4 Authorize Actors 34 2 0 1 13 32 34 34 25 0 0 1 4 Cross Cutting 3 0 0 2 0 3 3 2 3 0 0 1 0 Encrypt Data 8 2 5 8 10 8 8 7 4 2 5 7 6 Identify Actors 3 1 1 1 7 3 3 3 1 1 1 1 5 Limit Access 3 0 1 1 5 3 3 2 0 0 1 0 2 Limit Exposure 0 1 0 0 1 0 0 0 0 1 0 0 1 Lock Computer 0 0 0 0 0 0 0 0 0 0 0 0 0 Manage User Session 4 0 0 0 2 4 4 4 2 0 0 0 0 Validate Inputs 31 10 7 2 14 24 25 30 19 3 1 1 2 Verify Message Integrity 2 1 0 0 3 2 2 2 1 1 0 0 2 Total 101 17 16 16 67 92 94 96 62 8 9 11 28 39 Combined together, DAST/SAST approaches can address only 39 weaknesses that MST-wi does not address. • The weaknesses that MST-wi cannot address are mostly those (i) that can only be discovered using program analysis, (ii) that are not related to user-system interactions, or (iii) that concern non-Web-based systems.
  • 25. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 26 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – How does MST-wi compare to state-of-the-art SAST and DAST tools? Security Design Principle Weaknesses Addresses by Weaknesses Addressed by MST but not by Weaknesses bot addresses by MST but addresses by MST Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Zap DA2 Sonar SA2 Audit 1 0 0 0 3 1 1 1 0 0 0 0 2 Authenticate Actors 12 0 2 1 9 12 11 11 7 0 1 0 4 Authorize Actors 34 2 0 1 13 32 34 34 25 0 0 1 4 Cross Cutting 3 0 0 2 0 3 3 2 3 0 0 1 0 Encrypt Data 8 2 5 8 10 8 8 7 4 2 5 7 6 Identify Actors 3 1 1 1 7 3 3 3 1 1 1 1 5 Limit Access 3 0 1 1 5 3 3 2 0 0 1 0 2 Limit Exposure 0 1 0 0 1 0 0 0 0 1 0 0 1 Lock Computer 0 0 0 0 0 0 0 0 0 0 0 0 0 Manage User Session 4 0 0 0 2 4 4 4 2 0 0 0 0 Validate Inputs 31 10 7 2 14 24 25 30 19 3 1 1 2 Verify Message Integrity 2 1 0 0 3 2 2 2 1 1 0 0 2 Total 101 17 16 16 67 92 94 96 62 8 9 11 28 Combining MST-wi with SA2 seems to be a particularly effective combination as it enables detecting 129 weaknesses (i.e., 101 + 28), which is 92% of the 140 weaknesses that can be detected by any approach.
  • 26. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 29 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi: Metamorphic Security Testing for Web Interfaces Web System Execute the Data Collection Framework List of Predefined Metamorphic Relations Select and Specify the MRs Execute the Metamorphic Testing Framework Test results Transform MRs to Java List of MRs Executable MRs S(x,y) Source Inputs
  • 27. University of Ottawa | University of Luxembourg University of Ottawa | University of Luxembourg 30 Nazanin Bayati - Metamorphic Testing for Web System Security 13 September 2023 MST-wi – Is MST-wi effective? • The high specificity indicates that only a negligible fraction of follow-up inputs leads to false alarms • Since sensitivity reflects the fault detection rate (i.e., the proportion of vulnerabilities discovered), we conclude that our approach is highly effective • We can discover more than 60% of vulnerabilities in a completely automated manner, using only the crawler • And up to 85% using both crawler and manual inputs