Metamorphic Testing for Cybersecurity

Tsong Yueh Chen, Fei Ching Kuo, Wenjuan Ma, Willy Susilo, Dave Towey, Jeffrey Voas, Zhi Quan Zhou

Research output: Contribution to specialist publicationArticle

64 Citations (Scopus)
41 Downloads (Pure)


Metamorphic testing (MT) can enhance security testing by providing an alternative to using a test oracle, which is often unavailable or impractical. The authors report how MT detected previously unknown bugs in real-world critical applications such as code obfuscators, giving evidence that software testing requires diverse perspectives to achieve greater cybersecurity.

Original languageEnglish
Number of pages8
Specialist publicationComputer
Publication statusPublished - Jun 2016


  • Heartbleed bug
  • Web testing
  • cybersecurity
  • cyberthreats
  • fuzzing
  • logic error
  • metamorphic testing
  • obfuscator testing
  • oracle problem
  • software testing
  • software vulnerability

ASJC Scopus subject areas

  • General Computer Science


Dive into the research topics of 'Metamorphic Testing for Cybersecurity'. Together they form a unique fingerprint.

Cite this