Premium
Linguistic security testing for text communication protocols
Author(s) -
Kam Ben W.Y.,
Dean Thomas R.
Publication year - 2013
Publication title -
software: practice and experience
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.437
H-Index - 70
eISSN - 1097-024X
pISSN - 0038-0644
DOI - 10.1002/spe.2108
Subject(s) - computer science , syntax , protocol (science) , programming language , grammar , test (biology) , formal grammar , cryptographic protocol , communications protocol , natural language processing , rule based machine translation , computer security , computer network , linguistics , medicine , paleontology , philosophy , alternative medicine , pathology , cryptography , biology
SUMMARY We introduce a new Syntax‐based Security Testing framework that uses a protocol specification to perform security testing on text‐based communication protocols. A protocol specification of a particular text‐based protocol under test represents its syntactic grammar and static constraints. The specification is used to generate test cases by mutating valid messages, breaking the syntax and constraints of the protocol. The framework is demonstrated using a toy web application and the open source application KOrganizer. Copyright © 2012 John Wiley & Sons, Ltd.