LDAP Vulnerability Detection in Web Applications

2017 ◽  
Vol 8 (4) ◽  
pp. 31-50
Author(s):  
Hossain Shahriar ◽  
Hisham Haddad ◽  
Pranahita Bulusu

Lightweight Directory Access Protocol (LDAP) is commonly used in web applications to provide lookup information and enforce authentication. Web applications may suffer from LDAP injection vulnerabilities that can lead to security breaches such as login bypass and privilege escalation. This paper proposes OCL fault injection-based detection of LDAP injection attacks. The authors extract design-level information and constraints expressed in OCL and then randomly alter them to generate test cases that have the capability to uncover LDAP injection vulnerabilities. The authors proposed approaches to implement test case generation, and they used one open source PHP application and one custom application to evaluate the proposed approach. The analysis shows that this approach can detect LDAP injection vulnerabilities.

Mathematics ◽  
2021 ◽  
Vol 9 (15) ◽  
pp. 1779
Author(s):  
Wanida Khamprapai ◽  
Cheng-Fa Tsai ◽  
Paohsi Wang ◽  
Chi-En Tsai

Test case generation is an important process in software testing. However, manual generation of test cases is a time-consuming process. Automation can considerably reduce the time required to create adequate test cases for software testing. Genetic algorithms (GAs) are considered to be effective in this regard. The multiple-searching genetic algorithm (MSGA) uses a modified version of the GA to solve the multicast routing problem in network systems. MSGA can be improved to make it suitable for generating test cases. In this paper, a new algorithm called the enhanced multiple-searching genetic algorithm (EMSGA), which involves a few additional processes for selecting the best chromosomes in the GA process, is proposed. The performance of EMSGA was evaluated through comparison with seven different search-based techniques, including random search. All algorithms were implemented in EvoSuite, which is a tool for automatic generation of test cases. The experimental results showed that EMSGA increased the efficiency of testing when compared with conventional algorithms and could detect more faults. Because of its superior performance compared with that of existing algorithms, EMSGA can enable seamless automation of software testing, thereby facilitating the development of different software packages.


2021 ◽  
Vol 12 (1) ◽  
pp. 111-130
Author(s):  
Ankita Bansal ◽  
Abha Jain ◽  
Abhijeet Anand ◽  
Swatantra Annk

Huge and reputed software industries are expected to deliver quality products. However, industry suffers from a loss of approximately $500 billion due to shoddy software quality. The quality of the product in terms of its accuracy, efficiency, and reliability can be revamped through testing by focusing attention on testing the product through effective test case generation and prioritization. The authors have proposed a test-case generation technique based on iterative listener genetic algorithm that generates test cases automatically. The proposed technique uses its adaptive nature and solves the issues like redundant test cases, inefficient test coverage percentage, high execution time, and increased computation complexity by maintaining the diversity of the population which will decrease the redundancy in test cases. The performance of the technique is compared with four existing test-case generation algorithms in terms of computational complexity, execution time, coverage, and it is observed that the proposed technique outperformed.


Author(s):  
Rajvir Singh ◽  
Anita Singhrova ◽  
Rajesh Bhatia

Detection of fault proneness classes helps software testers to generate effective class level test cases. In this article, a novel technique is presented for an optimized test case generation for ant-1.7 open source software. Class level object oriented (OO) metrics are considered as effective means to find fault proneness classes. The open source software ant-1.7 is considered for the evaluation of proposed techniques as a case study. The proposed mathematical model is the first of its kind generated using Weka open source software to select effective OO metrics. Effective and ineffective OO metrics are identified using feature selection techniques for generating test cases to cover fault proneness classes. In this methodology, only effective metrics are considered for assigning weights to test paths. The results indicate that the proposed methodology is effective and efficient as the average fault exposition potential of generated test cases is 90.16% and test cases execution time saving is 45.11%.


2019 ◽  
Vol 10 (2) ◽  
pp. 1-26 ◽  
Author(s):  
Munish Khanna ◽  
Naresh Chauhan ◽  
Dilip Kumar Sharma

Regression testing of evolving software is a critical constituent of the software development process. Due to resources constraints, test case prioritization is one of the strategies followed in regression testing during which a test case that satisfies predefined objectives the most, as the tester perceives, would be executed the earliest. In this study, all the experiments were performed on three web applications consisting of 65 to 100 pages with lines of code ranging from 5000 to 7000. Various state-of-the-art approaches such as, heuristic approaches, Greedy approaches, and meta heuristic approaches were applied so as to identify the prioritized test sequence which maximizes the value of average percentage of fault detection. Performance of these algorithms was compared using different parameters and it was concluded that the Artificial Bee Colony algorithm performs better than all. Two novel greedy algorithms are also proposed in the study, of which the goal is to smartly manage the state of a tie, where a tie exhibits the condition that all the test cases participating in the tie are of equal significance in achieving the objective. It has also been validated that the performance of these novel proposed algorithm(s) is better than that of traditionally followed greedy approach, most of the time.


2010 ◽  
Vol 10 (4-6) ◽  
pp. 659-674 ◽  
Author(s):  
MIGUEL GÓMEZ-ZAMALLOA ◽  
ELVIRA ALBERT ◽  
GERMÁN PUEBLA

Testing is a vital part of the software development process. Test Case Generation (TCG) is the process of automatically generating a collection of test-cases which are applied to a system under test. White-box TCG is usually performed by means of symbolic execution, i.e., instead of executing the program on normal values (e.g., numbers), the program is executed on symbolic values representing arbitrary values. When dealing with an object-oriented (OO) imperative language, symbolic execution becomes challenging as, among other things, it must be able to backtrack, complex heap-allocated data structures should be created during the TCG process and features like inheritance, virtual invocations and exceptions have to be taken into account. Due to its inherent symbolic execution mechanism, we pursue in this paper that Constraint Logic Programming (CLP) has a promising application field in TCG. We will support our claim by developing a fully CLP-based framework to TCG of an OO imperative language, and by assessing it on a corresponding implementation on a set of challenging Java programs.


2018 ◽  
Vol 7 (3.8) ◽  
pp. 22 ◽  
Author(s):  
Dr V. Chandra Prakash ◽  
Subhash Tatale ◽  
Vrushali Kondhalkar ◽  
Laxmi Bewoor

In software development life cycle, testing plays the significant role to verify requirement specification, analysis, design, coding and to estimate the reliability of software system. A test manager can write a set of test cases manually for the smaller software systems. However, for the extensive software system, normally the size of test suite is large, and the test suite is prone to an error committed like omissions of important test cases, duplication of some test cases and contradicting test cases etc. When test cases are generated automatically by a tool in an intelligent way, test errors can be eliminated. In addition, it is even possible to reduce the size of test suite and thereby to decrease the cost & time of software testing. It is a challenging job to reduce test suite size. When there are interacting inputs of Software under Test (SUT), combinatorial testing is highly essential to ensure higher reliability from 72 % to 91 % or even more than that. A meta-heuristic algorithm like Particle Swarm Optimization (PSO) solves optimization problem of automated combinatorial test case generation. Many authors have contributed in the field of combinatorial test case generation using PSO algorithms. We have reviewed some important research papers on automated test case generation for combinatorial testing using PSO. This paper provides a critical review of use of PSO and its variants for solving the classical optimization problem of automatic test case generation for conducting combinatorial testing.


Author(s):  
Jesús Morán ◽  
Cristian Augusto ◽  
Antonia Bertolino ◽  
Claudio De La Riva ◽  
Javier Tuya

Web application testing is a great challenge due to the management of complex asynchronous communications, the concurrency between the clients-servers, and the heterogeneity of resources employed. It is difficult to ensure that a test case is re-running in the same conditions because it can be executed in undesirable ways according to several environmental factors that are not easy to fine-grain control such as network bottlenecks, memory issues or screen resolution. These environmental factors can cause flakiness, which occurs when the same test case sometimes obtains one test outcome and other times another outcome in the same application due to the execution of environmental factors. The tester usually stops relying on flaky test cases because their outcome varies during the re-executions. To fix and reduce the flakiness it is very important to locate and understand which environmental factors cause the flakiness. This paper is focused on the localization of the root cause of flakiness in web applications based on the characterization of the different environmental factors that are not controlled during testing. The root cause of flakiness is located by means of spectrum-based localization techniques that analyse the test execution under different combinations of the environmental factors that can trigger the flakiness. This technique is evaluated with an educational web platform called FullTeaching. As a result, our technique was able to locate automatically the root cause of flakiness and provide enough information to both understand it and fix it.

