• DocumentCode
    531913
  • Title

    A software security testing method based on typical defects

  • Author

    Song, Huang ; Liang, Wang ; Changyo, Zheng ; Yu, Hong

  • Author_Institution
    PLA Univ. of Sci. & Technol.(PLAUST), Nanjing, China
  • Volume
    5
  • fYear
    2010
  • fDate
    22-24 Oct. 2010
  • Abstract
    According to CERT/CC, ten defects known are responsible for 75% of security breaches in today software applications. Those defects are named as typical security defects. Based on that, a security testing method is given. In the method, a modeling technique with threat tree is described. Finally, a threat tree traversal algorithm (Tri-T algorithm) based on depth-first-search is designed and is used in an example to generate the test sequence.
  • Keywords
    program testing; security of data; tree searching; Tri-T algorithm; depth-first-search; software security testing method; threat tree traversal algorithm; typical security defect; Authentication; Automation; Cryptography; Registers; software security testing; threat tree; typical defects;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Application and System Modeling (ICCASM), 2010 International Conference on
  • Conference_Location
    Taiyuan
  • Print_ISBN
    978-1-4244-7235-2
  • Electronic_ISBN
    978-1-4244-7237-6
  • Type

    conf

  • DOI
    10.1109/ICCASM.2010.5619128
  • Filename
    5619128
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=531913