Research on the Application of Adaptive Genetic Algorithm in Software Unit Security Test Simulation

At present, the security test and simulation of software unit mainly focuses on several links, such as software control structure amelioration, software process alternating quantity model control and model inspection tech, and there are still many shortcomings, such as high missed inspection rate, difficult to effectively guarantee the needs of practice, etc. Based on this, this paper first analyses the purpose and principle of software unit security test and simulation, then studies the utilization of ameliorated genetic algorithm in software unit security test simulation, and finally gives the simulation results analysis of software unit security test based on AGA.

Exploring Software Security Test Generation Techniques: Challenges and Opportunities

Ensuring the security of the software has raised concerns from the research community which triggered numerous approaches that tend to eliminate it. The process of ensuring the security of software includes the introduction of processes in the Software Development Life Cycle where one of them is testing after the software is developed. Manually testing software for security is a labor-intensive task. Therefore, it is required to automate the process of testing by generating test cases by automated techniques. In this paper, we review various software security test case generation approaches and techniques. We try to explore and classify the most eminent techniques for test case generation. The techniques are summarized and presented briefly to covers all researches work that has been done in the targeted classification. Moreover, this paper aims to depict the sound of security in the current state of the art of test case generation. The findings are summarized and discussed where the opportunities and challenges are revealed narratively. Although the paper intends to provide a comprehensive view of the research in test case generation, there was a noticeable lack in the test case generation from the security perspectives

Block-hash of blockchain framework against man-in-the-middle attacks

Payload authentication is vulnerable to Man-in-the-middle (MITM) attack. Blockchain technology offers methods such as peer to peer, block hash, and proof-of-work to secure the payload of authentication process. The implementation uses block hash and proof-of-work methods on blockchain technology and testing is using White-box-testing and security tests distributed to system security practitioners who are competent in MITM attacks. The analyisis results before implementing Blockchain technology show that the authentication payload is still in plain text, so the data confidentiality has not minimize passive voice. After implementing Blockchain technology to the system, white-box testing using the Wireshark gives the result that the authentication payload sent has been well encrypted and safe enough. The percentage of security test results gets 95% which shows that securing the system from MITM attacks is relatively high. Although it has succeeded in securing the system from MITM attacks, it still has a vulnerability from other cyber attacks, so implementation of the Blockchain needs security improvisation.

A Resourceful Approach in Security Testing to Protect Electronic Payment System Against Unforeseen Attack

This article describes how electronic payments are financial transactions made over the internet for goods or services. In the digital era, the e-commerce industry has gone beyond the traditional in-store service due to the wide spread of internet-based shopping. Developed countries are greatly relying on e-commerce business and a sizable number of countries have shown concern in regard to the online payment cards such as credit cards, debit cards, e-cash, e-cheques, e-wallets and smart card security. The main downsides are concerns over privacy or a malicious attack and hence safeguard mechanisms are required to protect personal information from falling into the hands of intruders. Before commercializing electronic payment systems (EPS), security tests play a significant role in the software development life cycle to check whether the system is secure and it is safe to use. A resourceful approach covering security policies, secure coding, security attack prevention methodology, security testing tool, security testing metrics, security test case prioritization techniques and a model for effective project management methodology are presented in this article. Early detection and resolution of security weaknesses can be achieved with the authors' proposed approach and would certainly reduce the time, effort and cost of a project. The proposed approach is likely the best-fit implementation of the payment industry, covering channels like B2C (Business to Consumer), C2C (Consumer to Consumer), C2B (Consumer to Business), B2B (Business to Business), People to People (P2P), G2C (Government to Citizen) and C2G (Citizen to Government).