Test case selection for penetration testing in mobile cloud computing applications: A proposed technique
The extensive use of mobile applications in terms of user’s number and size of diverse data has introduced additional security threats which make uncovering these vulnerabilities complex for testers. Testers use certain types of software security testing to detect software vulnerabilities, particula...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
JATIT
2018
|
| Subjects: | |
| Online Access: | http://umpir.ump.edu.my/id/eprint/28034/ http://umpir.ump.edu.my/id/eprint/28034/ http://umpir.ump.edu.my/id/eprint/28034/1/Test%20case%20selection%20for%20penetration.pdf |
| id |
ump-28034 |
|---|---|
| recordtype |
eprints |
| spelling |
ump-280342020-03-04T04:52:38Z http://umpir.ump.edu.my/id/eprint/28034/ Test case selection for penetration testing in mobile cloud computing applications: A proposed technique Al-Ahmad, Ahmad Salah Kahtan, Hasan QA75 Electronic computers. Computer science The extensive use of mobile applications in terms of user’s number and size of diverse data has introduced additional security threats which make uncovering these vulnerabilities complex for testers. Testers use certain types of software security testing to detect software vulnerabilities, particularly penetration testing. Test case selection is an essential phase of penetration testing, especially when testing complex and large applications. Multiple techniques have been proposed for selecting test cases to be used in penetration testing. In general, the majority of such techniques select a set of test cases that cover the designated paths and fit well with the user requirements. This study reviews existing techniques and models that are used for test case selection. Methods, strengths and weaknesses are the main factors that are presented in this study. This study shows that offloading, that is, the technology used in mobile cloud computing applications, has been disregarded by existing techniques and models for test case selection. Therefore, this study proposes an enhanced test case selection technique for penetration testing. This proposed technique considers offloading parameters when selecting test cases to improve coverage paths and reflect user preferences in terms of cloud and mobile priority percentages. Moreover, test cases for both mobile and cloud in the mobile cloud computing applications are considered to be selected in list of test cases to be executed. Besides, user preferences feature is provided in the selection process to reflect the importance of each parties, cloud and mobile sides of the application under test. The proposed technique will improve the security of mobile cloud computing applications by exposing the possible vulnerabilities from both mobile and cloud sides application. JATIT 2018 Article PeerReviewed pdf en http://umpir.ump.edu.my/id/eprint/28034/1/Test%20case%20selection%20for%20penetration.pdf Al-Ahmad, Ahmad Salah and Kahtan, Hasan (2018) Test case selection for penetration testing in mobile cloud computing applications: A proposed technique. Journal of Theoretical and Applied Information Technology, 96 (13). 4238 -4248. ISSN 1992-8645 (print); 817-3195 (online) http://www.jatit.org/volumes/Vol96No13/23Vol96No13.pdf |
| repository_type |
Digital Repository |
| institution_category |
Local University |
| institution |
Universiti Malaysia Pahang |
| building |
UMP Institutional Repository |
| collection |
Online Access |
| language |
English |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Al-Ahmad, Ahmad Salah Kahtan, Hasan Test case selection for penetration testing in mobile cloud computing applications: A proposed technique |
| description |
The extensive use of mobile applications in terms of user’s number and size of diverse data has introduced additional security threats which make uncovering these vulnerabilities complex for testers. Testers use certain types of software security testing to detect software vulnerabilities, particularly penetration testing.
Test case selection is an essential phase of penetration testing, especially when testing complex and large applications. Multiple techniques have been proposed for selecting test cases to be used in penetration testing. In general, the majority of such techniques select a set of test cases that cover the designated paths and fit well with the user requirements. This study reviews existing techniques and models that are used for test case selection. Methods, strengths and weaknesses are the main factors that are presented in this study. This study shows that offloading, that is, the technology used in mobile cloud computing applications, has been disregarded by existing techniques and models for test case selection. Therefore, this study proposes an enhanced test case selection technique for penetration testing. This proposed technique considers offloading parameters when selecting test cases to improve coverage paths and reflect user preferences in terms of cloud and mobile priority percentages. Moreover, test cases for both mobile and cloud in the mobile cloud computing applications are considered to be selected in list of test cases to be executed. Besides, user
preferences feature is provided in the selection process to reflect the importance of each parties, cloud and mobile sides of the application under test. The proposed technique will improve the security of mobile cloud computing applications by exposing the possible vulnerabilities from both mobile and cloud sides application. |
| format |
Article |
| author |
Al-Ahmad, Ahmad Salah Kahtan, Hasan |
| author_facet |
Al-Ahmad, Ahmad Salah Kahtan, Hasan |
| author_sort |
Al-Ahmad, Ahmad Salah |
| title |
Test case selection for penetration testing in mobile cloud computing applications: A proposed technique |
| title_short |
Test case selection for penetration testing in mobile cloud computing applications: A proposed technique |
| title_full |
Test case selection for penetration testing in mobile cloud computing applications: A proposed technique |
| title_fullStr |
Test case selection for penetration testing in mobile cloud computing applications: A proposed technique |
| title_full_unstemmed |
Test case selection for penetration testing in mobile cloud computing applications: A proposed technique |
| title_sort |
test case selection for penetration testing in mobile cloud computing applications: a proposed technique |
| publisher |
JATIT |
| publishDate |
2018 |
| url |
http://umpir.ump.edu.my/id/eprint/28034/ http://umpir.ump.edu.my/id/eprint/28034/ http://umpir.ump.edu.my/id/eprint/28034/1/Test%20case%20selection%20for%20penetration.pdf |
| first_indexed |
2023-09-18T22:43:59Z |
| last_indexed |
2023-09-18T22:43:59Z |
| _version_ |
1777417101772849152 |