Proposing SQL Statement Coverage Metrics: Difference between revisions
Programsam (talk | contribs) No edit summary |
Programsam (talk | contribs) No edit summary |
||
| Line 1: | Line 1: | ||
Ben Smith, Younghee Shin, and Laurie Williams | Ben Smith, Younghee Shin, and Laurie Williams | ||
== Abstract == | == Abstract == | ||
''An increasing number of cyber attacks are occurring at the | ''An increasing number of cyber attacks are occurring at the application layer when attackers use malicious input. These input validation vulnerabilities can be exploited by (among others) SQL injection, cross site scripting, and buffer overflow attacks. Statement coverage and similar test adequacy metrics have | ||
application layer when attackers use malicious input. These input | historically been used to assess the level of functional and unit testing which has been performed on an application. However, these currently-available metrics do not highlight how well the system protects itself through validation. In this paper, we propose two SQL injection input validation testing adequacy metrics: target statement coverage and input variable coverage. A test suite which satisfies both adequacy criteria can be leveraged as a solid foundation for input validation scanning with a blacklist. To determine whether it is feasible to calculate values for our two metrics, we perform a case study on a web healthcare application and discuss some issues in implementation we have encountered. We find that the web healthcare application scored 96.7% target statement coverage and 98.5% input variable coverage'' | ||
validation vulnerabilities can be exploited by (among others) SQL | |||
injection, cross site scripting, and buffer overflow attacks. | |||
Statement coverage and similar test adequacy metrics have | |||
historically been used to assess the level of functional and unit | |||
testing which has been performed on an application. However, | |||
these currently-available metrics do not highlight how well the | |||
system protects itself through validation. In this paper, we | |||
propose two SQL injection input validation testing adequacy | |||
metrics: target statement coverage and input variable coverage. | |||
A test suite which satisfies both adequacy criteria can be | |||
leveraged as a solid foundation for input validation scanning with | |||
a blacklist. To determine whether it is feasible to calculate values | |||
for our two metrics, we perform a case study on a web healthcare | |||
application and discuss some issues in implementation we have | |||
encountered. We find that the web healthcare application scored | |||
96.7% target statement coverage and 98.5% input variable | |||
coverage'' | |||
== 1. Introduction == | == 1. Introduction == | ||
Revision as of 01:27, 2 March 2013
Ben Smith, Younghee Shin, and Laurie Williams
Abstract
An increasing number of cyber attacks are occurring at the application layer when attackers use malicious input. These input validation vulnerabilities can be exploited by (among others) SQL injection, cross site scripting, and buffer overflow attacks. Statement coverage and similar test adequacy metrics have historically been used to assess the level of functional and unit testing which has been performed on an application. However, these currently-available metrics do not highlight how well the system protects itself through validation. In this paper, we propose two SQL injection input validation testing adequacy metrics: target statement coverage and input variable coverage. A test suite which satisfies both adequacy criteria can be leveraged as a solid foundation for input validation scanning with a blacklist. To determine whether it is feasible to calculate values for our two metrics, we perform a case study on a web healthcare application and discuss some issues in implementation we have encountered. We find that the web healthcare application scored 96.7% target statement coverage and 98.5% input variable coverage