  • CS Colloquium - Matthias Buechler: Security Testing with Fault-Models and Properties

    Wed, Oct 09, 2013 @ 06:15 PM - 08:00 PM

    Computer Science

    Conferences, Lectures, & Seminars

    Speaker: Matthias Buechler, Technical University Munich (Technische Universität München)

    Talk Title: Security Testing with Fault-Models and Properties

    Series: CS Colloquium

    Abstract: Web applications are complex and face a massive number of sophisticated attacks. Since manually testing web applications for security issues is hard and time-consuming, automated testing is preferable. In model-based testing, test cases are often generated using structural criteria. Since such test cases do not directly target security properties, my Ph.D. thesis proposes to use a fault model for generating tests for web applications. Faults are represented as known source code vulnerabilities that, by using respective mutation operators at the model level, are injected into models of a System Under Validation to generate “interesting” test cases. To achieve this, advantages of penetration testing are combined with model-checkers dedicated to security analysis. To find attacks on real systems, the gap between an abstract attack trace output by a model-checker and a penetration test needs to be addressed. My Ph.D. thesis contributes a semi-automatic methodology to make abstract attack traces operational.

    Host: William GJ Halfond

    Location: Henry Salvatori Computer Science Center (SAL) - 322

    Audiences: Everyone Is Invited

    Posted By: Assistant to CS chair


