Premium
A threat model‐based approach to security testing
Author(s) -
Marback Aaron,
Do Hyunsook,
He Ke,
Kondamarri Samuel,
Xu Dianxiang
Publication year - 2013
Publication title -
software: practice and experience
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.437
H-Index - 70
eISSN - 1097-024X
pISSN - 0038-0644
DOI - 10.1002/spe.2111
Subject(s) - threat model , security testing , computer science , executable , computer security , computer security model , security through obscurity , software security assurance , security information and event management , test (biology) , security bug , cloud computing security , information security , security service , cloud computing , paleontology , biology , operating system
SUMMARY Software security issues have been a major concern in the cyberspace community, so a great deal of research on security testing has been performed, and various security testing techniques have been developed. Threat modeling provides a systematic way to identify threats that might compromise security, and it has been a well‐accepted practice by the industry, but test case generation from threat models has not been addressed yet. Thus, in this paper, we propose a threat model‐based security testing approach that automatically generates security test sequences from threat trees and transforms them into executable tests. The security testing approach we consider consists of three activities in large: building threat models with threat trees; generating security test sequences from threat trees; and creating executable test cases by considering valid and invalid inputs. To support our approach, we implemented security test generation techniques, and we also conducted an empirical study to assess the effectiveness of our approach. The results of our study show that our threat tree‐based approach is effective in exposing vulnerabilities. Copyright © 2012 John Wiley & Sons, Ltd.