Generic Data Format Approach for Generation of Security Test Data

Schanes, Christian; Fankhauser, Florian; Taber, Stefan; Grechenig, Thomas

Home // VALID 2011, The Third International Conference on Advances in System Testing and Validation Lifecycle // View article

Generic Data Format Approach for Generation of Security Test Data

Authors:
Christian Schanes
Florian Fankhauser
Stefan Taber
Thomas Grechenig

Keywords: Software testing; Computer network security; Fuzzing

Abstract:
Security testing is an important and at the same time also expensive task for developing robust and secure systems. Test automation can reduce costs of security tests and increase test coverage and, therefore, increase the number of detected security issues during development. A common data format as the basis for specific test cases ensures that the implementation of the generation logic for security test data is only needed once and can be used for various data formats by transforming the data to the common data format, generating the test data and transforming back to the original data format. The introduced approach enables to generate test data for various formats using a single implementation of the generation algorithm and applying the results for specific test cases in different data formats.

Pages: 103 to 108

Copyright: Copyright (c) IARIA, 2011

Publication date: October 23, 2011

Published in: conference

ISSN: 2308-4316

ISBN: 978-1-61208-168-7

Location: Barcelona, Spain

Dates: from October 23, 2011 to October 29, 2011