Abstract:
In this work we present a model-based framework for security vulnerability testing. Security
vulnerabilities are not only related to security functionalities at the application level but are also
sensitive to implementation details. Thus traditional model-based approaches, which elide
implementation details, are by themselves inadequate for testing security vulnerabilities. We propose
a framework that retains the advantages of model-based testing while exposing only the details
necessary for vulnerability testing. We define a three-model framework for automatic test case
generation: a model or specification of the key aspects of the application, a model of the
implementation, and a model of the attacker. This separation allows the test case generation process
to test contexts missed by other model-based approaches. We also describe the key aspects of our
tool that generates the tests.

Model based vulnerability testing abstract
