MUTANT GENERATION FOR TESTING BROKEN ACCESS CONTROL VULNERABILITIES
Main Author: | |
---|---|
Format: | Final Project |
Language: | Indonesia |
Online Access: | https://digilib.itb.ac.id/gdl/view/82426 |
Institution: | Institut Teknologi Bandung |
Summary: | Broken access control vulnerabilities have consistently appeared in the OWASP top
10 over the last decade. The CVEDetails report also shows an increasing trend for
this vulnerability over the past ten years. This shows that mitigating broken access
control is crucial.
Security testing is one way to mitigate broken access control. However, testing
often fails to detect broken access control, and creating test cases for broken access
control is not easy. A common technique used to improve test suite quality is
increasing code coverage. However, some researchers state that code coverage does
not reflect the quality of test cases in detecting vulnerabilities.
Another potential method that can be used to improve the quality of test cases is
through mutation testing. In this paper, mutation testing is used to enhance the quality
of test cases for broken access control vulnerabilities. This is achieved by generating
mutants through the mutation of access control policies. The results show that mutation
testing performs well in improving test cases for broken access control
vulnerabilities: 142 mutants were generated and 11 new test cases were added. |
---|