Learn More
Keywords: Software testing Web-application testing User-input-validation testing a b s t r a c t User-input-validation (UIV) is the first barricade that protects web applications from application-level attacks. Most UIV test tools cannot detect semantics-related vulnerabilities in validators, such as filling a five-digit number to a field that accepts a(More)
Web applications have become complex and crucial in many fields. In order to assure their quality, a high demand for systematic methodologies of Web application testing is emerging. In this paper, a methodology of model-driven testing (MDT) for Web application is presented. Model is the core of this method. Web application model is built to describe the(More)
This paper discusses the formalization of the test adequacy criterion for context-free grammars. The basic concept of grammar-based testing is introduced and the grammar-based test criterion is formally defined. This paper also proposes a family of grammar-based structural test criteria whose subsume relations and test set sizes are analyzed, which are used(More)
Software Architecture can help people to better understand the gross structure and, with powerful analysis techniques, to evaluate the properties of a software system. To accommodate the dynamic changes and facilitate interop-eration of tools, an architectural description of the distributed system should be extensible and interchangeable. In this paper, we(More)
In this paper, we present a novel method for clustering web objects. Most of existing methods aren’t sufficient to explore similar objects, because the basic data, which include attributes of objects, click-through data, and link data, are often sparse, scarce or difficult to obtain. In contrast, the information we exploit is transaction log, which(More)
The invalidated input is one of the most critical web application security flaws. However, testing the user input validation function is an intellectual and labor intensive task. We are developing a model driven framework to help testers to accomplish this job in visual view with guidance. This paper reports our on-going work. A meta-model of Web(More)
Predicting failures from software input is still a tough issue. Two models, namely the surface model and structure model, are presented in this paper to predict failure by applying the maximum entropy principle. The surface model forecasts a failure from the statistical co-occurrence between input and failure, while the structure model does from the(More)
The just-in-time compilers have been widely adopted in J2SE and J2ME virtual machines. However, it is a big challenge for a JIT compiler to generate high-quality native code under the tight time and memory constraints on embedded systems. This paper presents the framework and key optimizations of a JIT compiler we designed for Intelpsilas J2ME virtual(More)