Metamorphic Testing for Cybersecurity

Tsong Yueh Chen, Fei Ching Kuo, Wenjuan Ma, Willy Susilo, Dave Towey, Jeffrey Voas, Zhi Quan Zhou

Research output: Contribution to specialist publicationArticle

68 Citations (Scopus)
64 Downloads (Pure)

Abstract

Metamorphic testing (MT) can enhance security testing by providing an alternative to using a test oracle, which is often unavailable or impractical. The authors report how MT detected previously unknown bugs in real-world critical applications such as code obfuscators, giving evidence that software testing requires diverse perspectives to achieve greater cybersecurity.

Original languageEnglish
Pages48-55
Number of pages8
Volume49
No.6
Specialist publicationComputer
DOIs
Publication statusPublished - Jun 2016

Keywords

  • Heartbleed bug
  • Web testing
  • cybersecurity
  • cyberthreats
  • fuzzing
  • logic error
  • metamorphic testing
  • obfuscator testing
  • oracle problem
  • software testing
  • software vulnerability

ASJC Scopus subject areas

  • General Computer Science

Fingerprint

Dive into the research topics of 'Metamorphic Testing for Cybersecurity'. Together they form a unique fingerprint.

Cite this