WEB Based Applications Testing: Analytical Approach towards Model Based Testing and Fuzz Testing

UMER ZAHEER KHAN

Abstract


Web-based applications are complex in the structure which results in facing an immense amount of exploiting attacks, so testing should be done in a proactive way in order to identify threats in the applications. The intruder can explore these security loopholes and may exploit the application which results in economical lose, so testing the application becomes a supreme phase of development.  The main objective of testing is to secure the contents of applications either through static or automatic approach. The software houses usually follow fuzz based testing in which flaws can be explored by randomly inputting invalid data while on the other hand model-based testing is the automated approach which tests the applications from all perspectives on the basis of an abstract model of the application. The main theme of this research is to study the difference between fuzz based testing and MBT in terms of test coverage, performance, cost and time. This research work guides the web application practitioner in the selection of suitable methodology for different testing scenarios which save efforts imparted on testing and develop better and breaches free product.

 


Full Text:

PDF

References


Ali, S. and H. Hemmati. 2014. Model-based Testing of Video Conferencing Systems: Challenges, Lessons learnt, and Results. Proceedings - IEEE 7th International Conference on Software Testing, Verification and Validation, ICST 2014, 353–362.

Amalfitano, D., N. Amatucci, A. R. Fasolino., U. Gentile and G. Mele. 2014. Improving Code Coverage in Android Apps Testing By Exploiting Patterns and Automatic Test Case Generation. International Workshop on Long-term Industrial Collaboration on Software Engineering, 29-34. Vasteras, Sweden: ACM.

Andrianto, I., I. Liem and A. Y. D. Wardhana. 2017 . Web Application Fuzz Testing. International Conference on Data and Software Engineering (ICoDSE), 978-984.

Al-Refai, M., W. Cazzola and G. Sudipto. 2017. A Fuzzy Logic Based Approach for Model-based Regression Test Selection. International Conference on Model Driven Engineering Languages and Systems, 55-62.

Chunlei, W., L. Liu and L. Qiang. 2014. Automatic fuzz testing of web service vulnerability. International Conference on Information and Communications Technologies (ICT 2014), 25-35.

Felderer, M., P. Zech, R. Breu, M. Buchler and A. Pretschner. 2015. Model-based Security Testing: A Taxonomy and Systematic Classification. SOFTWARE TESTING, VERIFICATION AND RELIABILITY, 530-560.

Guilherme, C. F., A. T. Endo. 2015. Evaluating the Model-Based Testing Approach in the Context of Mobile Applications. Electronic Notes in Theoretical Computer Science , 3-21.

Jamil, A. M., M. Arif, N. S. A. Abubakar and A. Ahmad. 2016. Software Testing Techniques: A Literature Review. 6th International Conference on Information and Communication Technology for The Muslim World (ICT4M), 177-182.

Kalaji, A. S., R. M. Hierons and S. Stephen. 2009. Generating Feasible Transition Paths For Testing From an Extended Finite State Machine (EFSM). Software Testing Verification and Validation, 230-239.

Li, C., Q. Wei and Q. Wang. 2012. RankFuzz: Fuzz Testing Based on Comprehensive Evaluation. Fourth International Conference on Multimedia Information Networking and Security, 939–942.

Li, L., Q. Dong, D. Liu and L. Zhu. 2013. The Application of Fuzzing in Web Software Security Vulnerabilities Test. International Conference on Information Technology and Applications, 130–133.

Morozov, A., K. Ding, T. Chen and K. Janschek. 2017. Test Suite Prioritization for Efficient Regression Testing of Model-based Automotive Software. International Conference on Software Analysis, Testing and Evolution, 20-29.

Ma, C., and J. Provost. 2017 . A Model-Based Testing Framework With Reduced Set of Test Cases For Programmable Controllers. 13th IEEE Conference on Automation Science and Engineering (CASE), 944-949.

Mussa, M., S. Ouchani, W. A. Sammane and A. Hamou-Lhadj. 2009. A Survey of Model-Driven Testing Techniques. International Conference on Quality Software, 167-172.

Mouelhi, T., F. Fleurey, B. Baudry and Y. L. Traon. 2008 . A Model-Based Framework for Security Policy Specification, Deployment and Testing Models, Lecture Notes in Computer Science, 537-552.

Nikolas, H. 2017. Efficient Fuzz Testing Leveraging Input, Code, and Execution. 39th IEEE International Conference on Software Engineering Companion, 417-420.

Rapos, E. J., and J. Dingel. 2015. Using Fuzzy Logic and Symbolic Execution to Prioritize UML-RT Test Cases. 8th International Conference on Software Testing, Verification and Validation (ICST), 52-62.

Rafique, N., N. Rashid, S. Awan and Z. Nayyar. 2014. Model Based Testing in Web Applications. International Journal of Scientific Engineering and Research (IJSER), 2(1), 56–60.

Roohullah Jan, S., S. T. Shah, Z. Johar, Y. Shah and F. Khan. 2016. An Innovative Approach to Investigate Various Software Testing Techniques and Strategies. IJSRSET, 682-689.

Utting, M., Alexendar. P and B . Legeard 2012. A Taxonomy of Model-based Testing Approaches. SOFTWARE TESTING, VERIFICATION AND RELIABILITY, 297-312.




DOI: http://dx.doi.org/10.22555/pjets.v8i1.2470

Refbacks

  • There are currently no refbacks.


Chief Editor

Prof. Dr. Tariq Rahim Soomro 
Dean
College of Computer Science & Information Systems

Editorial Advisory Board (Internal)

Dr. Syed Irfan Hyder
Dr. S.M. Aqil Burney
Dr. Ejaz Ahmed
Dr. Mohammad Irshad Khan
Dr. Shahid Amjad
Dr. Fatima Riaz
Dr. Insia Hussain
Dr. Ehsan Rehman
Dr. Imran Majid
Dr. Khurram Iqbal
Dr. Zeeshan Shahid
Dr. Seema Ansari
Dr. Muhammad Mansoor Alam

 

Editorial Advisory Board (International)

Prof. Dr. Mazliham Mohd Su'ud, President, Multimedia University, Malaysia

Dr. Eiad Yafi, Deputy Dean, Institute of Post Graduate Studies, Universiti Kuala Lumpur, Malaysia

Prof. Dr. Ghassan Al-Qaimari, President, Emirates College of Technology, Abu Dhabi, UAE
Prof. Dr. Patrice Boursier, Universite de La Rochelle, La Rochelle, France
Prof. Dr. Mudassir Uddin, Professor, University of Karachi, Pakistan
Dr. Nadeem Doudpota, Associate Professor, Al-Baha University, KSA
Dr. Haithem Abdelrazaq Almefleh, Associate Professor, Yarmouk University, Yarmouk, Jordan
Dr. Saiful Islam Ansari, Assistant Professor, University of Tabuk, Saudi Arabia