UMP Institutional Repository

Test case selection for penetration testing in mobile cloud computing applications: A proposed technique

Al-Ahmad, Ahmad Salah and Kahtan, Hasan (2018) Test case selection for penetration testing in mobile cloud computing applications: A proposed technique. Journal of Theoretical and Applied Information Technology, 96 (13). 4238 -4248. ISSN 1992-8645 (print); 817-3195 (online)

[img]
Preview
Pdf
Test case selection for penetration.pdf

Download (273kB) | Preview

Abstract

The extensive use of mobile applications in terms of user’s number and size of diverse data has introduced additional security threats which make uncovering these vulnerabilities complex for testers. Testers use certain types of software security testing to detect software vulnerabilities, particularly penetration testing. Test case selection is an essential phase of penetration testing, especially when testing complex and large applications. Multiple techniques have been proposed for selecting test cases to be used in penetration testing. In general, the majority of such techniques select a set of test cases that cover the designated paths and fit well with the user requirements. This study reviews existing techniques and models that are used for test case selection. Methods, strengths and weaknesses are the main factors that are presented in this study. This study shows that offloading, that is, the technology used in mobile cloud computing applications, has been disregarded by existing techniques and models for test case selection. Therefore, this study proposes an enhanced test case selection technique for penetration testing. This proposed technique considers offloading parameters when selecting test cases to improve coverage paths and reflect user preferences in terms of cloud and mobile priority percentages. Moreover, test cases for both mobile and cloud in the mobile cloud computing applications are considered to be selected in list of test cases to be executed. Besides, user preferences feature is provided in the selection process to reflect the importance of each parties, cloud and mobile sides of the application under test. The proposed technique will improve the security of mobile cloud computing applications by exposing the possible vulnerabilities from both mobile and cloud sides application.

Item Type: Article
Uncontrolled Keywords: Penetration Testing, Test Case Selection, Offloading, Path Coverage
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty/Division: Faculty of Computer System And Software Engineering
Institute of Postgraduate Studies
Depositing User: Noorul Farina Arifin
Date Deposited: 04 Mar 2020 04:52
Last Modified: 04 Mar 2020 04:52
URI: http://umpir.ump.edu.my/id/eprint/28034
Download Statistic: View Download Statistics

Actions (login required)

View Item View Item