Proposing SQL Statement Coverage Metrics: Difference between revisions
Revision 1: Programsam (talk | contribs) created the page with "By Ben Smith Yonghee Shin Laurie Williams"
Revision 2: Programsam (talk | contribs), no edit summary
Current text of the page (revision 2):

Ben Smith, Younghee Shin, and Laurie Williams

== Abstract ==

''An increasing number of cyber attacks are occurring at the application layer when attackers use malicious input. These input validation vulnerabilities can be exploited by (among others) SQL injection, cross site scripting, and buffer overflow attacks. Statement coverage and similar test adequacy metrics have historically been used to assess the level of functional and unit testing which has been performed on an application. However, these currently-available metrics do not highlight how well the system protects itself through validation. In this paper, we propose two SQL injection input validation testing adequacy metrics: target statement coverage and input variable coverage. A test suite which satisfies both adequacy criteria can be leveraged as a solid foundation for input validation scanning with a blacklist. To determine whether it is feasible to calculate values for our two metrics, we perform a case study on a web healthcare application and discuss some issues in implementation we have encountered. We find that the web healthcare application scored 96.7% target statement coverage and 98.5% input variable coverage.''

== 1. Introduction == | |||