Adaptive Hypermutation for Search-Based System Test Generation: A Study on REST APIs with EvoMaster

REST web services are widely popular in industry, and search techniques have been successfully used to automatically generate system-level test cases for those systems. In this article, we propose a novel mutation operator which is designed specifically for test generation at system-level, with a particular focus on REST APIs. In REST API testing, and often in system testing in general, an individual can have a long and complex chromosome. Furthermore, there are two specific issues: (1) fitness evaluation in system testing is highly costly compared with the number of objectives (e.g., testing targets) to optimize for; and (2) a large part of the genotype might have no impact on the phenotype of the individuals (e.g., input data that has no impact on the execution flow in the tested program). Due to these issues, it might be not suitable to apply a typical low mutation rate like 1/ n (where n is the number of genes in an individual), which would lead to mutating only one gene on average. Therefore, in this article, we propose an adaptive weight-based hypermutation, which is aware of the different characteristics of the mutated genes. We developed adaptive strategies that enable the selection and mutation of genes adaptively based on their fitness impact and mutation history throughout the search. To assess our novel proposed mutation operator, we implemented it in the EvoMaster tool, integrated in the MIO algorithm, and further conducted an empirical study with three artificial REST APIs and four real-world REST APIs. Results show that our novel mutation operator demonstrates noticeable improvements over the default MIO. It provides a significant improvement in performance for six out of the seven case studies, where the relative improvement is up to +12.09% for target coverage, +12.69% for line coverage, and +32.51% for branch coverage.

Real-time service integration of defense information system

This study designs a reference model of the Defense REST API server based on the representational state transfer (REST) architecture style to present the most efficient, stable, and sustainable technical criteria for real-time service integration of defense information systems in Korea. The purpose of this component is to provide evidence to be stipulated as part of the Korean Defense Ministry's instructions and regulations, such as the Defense Interoperability Management Directive and the Interoperability Guide, and to support the development of the National Defense Interworking Technology and Interoperability. As the defense information system was subdivided and developed by the army, navy, air force, or business functions, interworking between information systems has become one of the most important factors. However, despite the need for advanced service integration and interworking, various interconnection service modules based on enterprise application integration (EAI), EAI hubs, and spokes were developed at a level that met local requirements (simple data transmission) without specific criteria for each network or information system. As a result, most of the interconnection modules currently in operation suffer from the absence of a technical spectrum, such as not meeting the military's demands for real-time interconnection and service integration, which increases with time. Therefore, this study seeks to identify the above problems by integrating the defense information system into one service and presenting a reference model of the defense REST API server to meet various real-time interworking requirements, analyze the technical basis, and pursue a model that fits military reality.

REST API Composition for Effective Testing the Cloud

Cloud offers many ready-made REST services for the end users. This offer realizes the service composition through implementation somewhere on internet based on Service Level Agreement (SLA). For ensuring this SLA, a software testing is a useful means for attesting a non-functional requirement that guarantees quality assurance from end user's perspective. However, test engineer experiences only what goes in and out through an interface that contains a high level behaviors separated from its underlying details. Testing with these behaviors become an issue for classical testing procedures. So, REST API through composition is an alternative new promising approach for modeling behaviors with parameters against the cloud. This new approach helps to devise test effectiveness in terms of REST based behavior-driven implementation. It aims to understand functional behaviors through API methods based on input domain modeling (IDM) on the standard keyboard pattern. By making an effective REST design the test engineer sends complete test inputs to its API directly on application, and gets test responses from the infrastructure. We consider NEMo mobility API specification to design an IDM, which represents pattern match of mobility search URL API path scope. With this scope, sample mobility REST API service compositions are used. Then, the test assertions are implemented to validate each path resource to test the components and the end-to-end integration on the specified service.

Performance comparison of programming interfaces on the example of REST API, GraphQL and gRPC

The article presents a comparison of the performance of three ways of implementing programming interfaces used in web applications - REST, GraphQL and gRPC. For the purposes of the research, three applications were developed, which were made in each of the indicated technologies and with the same functionalities. The applications were used for performance tests carried out with the use of the k6 tool. The applications are used to measure the execution time, performance and volume of processed data during display and adding operations. The obtained results allowed for the conclusion that the best interface in terms of performance (measured as the number of transactions per second) and server response time is REST. However, in terms of the smallest data volume, gRPC is the best choice.

Linking Entities from Text to Hundreds of RDF Datasets for Enabling Large Scale Entity Enrichment

There is a high increase in approaches that receive as input a text and perform named entity recognition (or extraction) for linking the recognized entities of the given text to RDF Knowledge Bases (or datasets). In this way, it is feasible to retrieve more information for these entities, which can be of primary importance for several tasks, e.g., for facilitating manual annotation, hyperlink creation, content enrichment, for improving data veracity and others. However, current approaches link the extracted entities to one or few knowledge bases, therefore, it is not feasible to retrieve the URIs and facts of each recognized entity from multiple datasets and to discover the most relevant datasets for one or more extracted entities. For enabling this functionality, we introduce a research prototype, called LODsyndesisIE, which exploits three widely used Named Entity Recognition and Disambiguation tools (i.e., DBpedia Spotlight, WAT and Stanford CoreNLP) for recognizing the entities of a given text. Afterwards, it links these entities to the LODsyndesis knowledge base, which offers data enrichment and discovery services for millions of entities over hundreds of RDF datasets. We introduce all the steps of LODsyndesisIE, and we provide information on how to exploit its services through its online application and its REST API. Concerning the evaluation, we use three evaluation collections of texts: (i) for comparing the effectiveness of combining different Named Entity Recognition tools, (ii) for measuring the gain in terms of enrichment by linking the extracted entities to LODsyndesis instead of using a single or a few RDF datasets and (iii) for evaluating the efficiency of LODsyndesisIE.

Rancang Bangun Web Service Aptimas Dengan Arsitektur Representational State Transfer (REST) API

Saat ini data merupakan bagian yang penting di era transformasi teknologi informasi, proses komunikasi pun tidak dibatasi oleh perbedaan jenis perangkat yang digunakan membuat informasi dapat diakses degan mudah. Saat ini Lembaga Penelitian dan Pengabdian kepada Masyarakat (LPPM) Politeknik Pos Indonesia sudah memiliki pangkalan data dalam proses pengelolaan data penelitian, pengabdian, publikasi dan HaKI berbasis web. Saat ini akses data APTIMAS masih terpusat dan tidak bisa diakses dengan menggunakan aplikasi selain aplikasi APTIMAS, sehingga dibutuhkan sebuah media middle ware atau web service yang memberikan solusi bagaiman aplikasi lain dapat mengkases data APTIMAS seperti untuk pengembangan aplikasi Mobile, dashboard di aplikasi lain, kebutuhan data lainnya. Oleh karena itu dibangunlah sebuah Web Service dengan arsitektur Representational State Transfer (REST) Application Programming Interface (API) yang berfungsi jembatan dalam memberikan layanan untuk komunikasi data. Dengan dibangunnya aplikasi middleware web service ini, diharapkan APTIMAS sebagai penyedia data penelitian, pengabdian, publikasi dan HaKI di lingkungan internal perguruan tinggi Politeknik Pos Inodoneisa dapat digunakan sebagai rujukan pengambilan data untuk pengembangan aplikasi lain dan kebutuhan data di lingkungan kampus Politeknik Pos Indonesia, tanpa harus mengakses langsung ke database APTIMAS

Software system for drug search in online mode

In this project was shown software system for drug search in online mode, which was included: three services, user interface. Also, was analyzed test of this system, speed for system and efficiency of system. A software system – this is a group of integrated software tools which support certain process and share a database. This system shows how three services work: the primary service, the additional service and provider’s service. Also given are the modes of their work, their capabilities and specifically what they include and represent. The description of all technologies are given which used during development of this system, including their advantages and disadvantages in general. On the basic of this technique, the client-server system of drug search is realized. Moreover there are various options for searching for medical items, a searching by using search and by using location of the pharmacy on Google map were suggested. A description of the development environment and main of its functions were provided. In addition, what is REST API, where it was used and why exactly REST was used during development of this system. It also shows how to run the program, namely the procedure, with description, explains exactly how to run the program, and what additional plugins need to be installed. This article describes the algorithm of software system for drug search in online mode, the main functions of the system are given and described. Screenshots of the main modules of the server side and of the program are added as well as screenshots of databases.

NaijaCovidAPI: an application programming interface for retrieval of COVID19 data from the Nigerian Center for Disease Control web platform

Background: In this work, a COVID19 Application Programming Interface (API) was built using the Representational State Transfer (REST) API architecture and it is designed to fetch data daily from the Nigerian Center for Disease Control (NCDC) website. Methods: The API is developed using ASP.NET Core Web API framework using C# programming language and Visual Studio 2019 as the Integrated Development Environment (IDE). The application has been deployed to Microsoft Azure as the cloud hosting platform and to successfully get new data from the NCDC website using Hangfire where a job has been scheduled to run every 12:30 pm (GMT + 1) and load the fetched data into our database. Various API Endpoints are defined to interact with the system and get data as needed, data can be fetched from a single state by name, all states on a particular day or over a range of days, etc. Results: The results from the data showed that Lagos and Abuja FCT in Nigeria were the hardest-hit states in terms of Total Confirmed cases while Lagos and Edo states had the highest death causalities with 465 and 186 as of August 2020. This analysis and many more can be easily made as a result of this API we have created that warehouses all COVID19 Data as presented by the NCDC since the first contracted case on February 29, 2020. This system was tested on the BlazeMeter platform, and it had an average of 11Hits/s with a response time of 2905milliseconds. Conclusions: The extension of NaijaCovidAPI over existing COVID19 APIs for Nigeria is the access and retrieval of previous data. Our contribution to the body of knowledge is the creation of a data hub for Nigeria's COVID-19 incidence from February 29, 2020, to date

Distributed Denial of Service Attacks Detection and Mitigation in Software Defined Mesh Networks

Networks configured in Mesh topology provide Network security in the form of redundancy of communication links. But redundancy also contributes to complexity in configuration and subsequent troubleshooting. Critical networks like Backbone Networks (used in Cloud Computing) deploy the Mesh topology which provides additional security in terms of redundancy to ensure availability of services. Distributed Denial of Service attacks are one of the most prominent attacks that cause an immense amount of loss of data as well as monetary losses to service providers. This paper proposes a method by which using SDN capabilities and sFlow-RT application, Distributed Denial of Service (DDoS) attacks is detected and consequently mitigated by using REST API to implement Policy Based Flow Management through the SDN Controller which will help in ensuring uninterrupted services in scenarios of such attacks and also further simply and enhance the management of Mesh architecture-based networks.

API Development Teaching- Learning Platform

API (Application Programming Interface) is a sequence of commands, rules, or regulations that enables a software or app to leverage attributes from another application, system, or gadget to improve its own services. In a nutshell, it's a feature that allows apps to connect with one another. The IT industry has a high demand for REST API Development, hence this article provides an interactive teaching and learning platform for REST API Development. Using the LBD (Learning By Doing) concept, the suggested platform seeks to assist users in learning REST API Development. This tool would assist users in learning to design their own APIs by requiring them to practise (either through coding or MCQs). The platform would be based on selfevaluation and reflection models of self-regulated learning, allowing users to learn more effectively. The platform would also try to provide some scaffolding for users that fail test cases, such as assistance in debugging and why they might be failing the test cases. Keywords: REST-API, Teaching Learning Platform, Self-Regulated Learning(SRL), Human Computer Interaction(HCI), Dashboard, Learning by doing(LBD)