research-article

Security mutation testing of the FileZilla FTP server

Authors:

Daniel Woodraska,

Michael Sanford,

Dianxiang XuAuthors Info & Claims

SAC '11: Proceedings of the 2011 ACM Symposium on Applied Computing

Pages 1425 - 1430

https://doi.org/10.1145/1982185.1982493

Published: 21 March 2011 Publication History

Abstract

Security has become a priority for software development and many security testing techniques have been developed over the years. Benchmarks based on real-world systems, however, are in great demand for evaluating the vulnerability detection capability of these techniques. To develop such a benchmark, this paper presents an approach to security mutation analysis of FileZilla Server, a popular FTP server implementation as a case study. In the existing mutation testing research, mutants are created through syntactic changes. Such syntactic changes may not result in meaningful security vulnerabilities in security-intensive software. Our approach creates security mutants by considering the causes and consequences of vulnerabilities. The causes of vulnerabilities include design-level (e.g., incorrect policy enforcement) and implementation-level defects (such programming errors as buffer overflow and unsafe function calls). The consequences of vulnerabilities refer to various potential attacks, such as spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE). Using this approach, we have created 30 distinct mutants for FileZilla Server. They have been applied to the evaluation of two security testing methods that use attack trees and attack nets as threat models for test generation. The results show that, while these testing methods can kill most of the mutants, they have an important limitation -- they cannot detect the vulnerabilities that are not captured by the threat models.

References

[1]

Andrews, J. H., Briand, L. C. and Labiche, Y. Is mutation an appropriate tool for testing experiments? Proc. of the 27th International Conference on Software Engineering (ICSE '05), 2005, pp. 402--411.

Digital Library

[2]

Fonseca, J., Vieira, M., and Madeira, H. Testing and comparing Web vulnerability scanning tools for SQL injection and XSS attacks, Proc. of the 13th Pacific Rim International Symposium on Dependable Computing, Melbourne, Australia, December 2007, pp. 365--372.

Digital Library

[3]

Hoglund, G. and McGraw, G. Exploiting Software: How to Break Code. Addison-Wesley, 2004.

Digital Library

[4]

Jia, Y. and Harman, M. An analysis and survey of the development of mutation testing, IEEE Transactions on Software Engineering, June 2010.

Digital Library

[5]

Le Traon, Y., Mouelhi, T. and Baudry, B.: Testing security policies: Going beyond function testing. Proc. of ISSRE'07, pp. 93--102, 2007

Digital Library

[6]

Marback, A., Do, H., He, K., Kondamarri, S., Xu, D. Security test generation using threat trees, Proc. of AST'09, Vancouver, Canada, May 2009.

[7]

Martin, E. and Xie, T. A fault model and mutation testing of access control policies. Proc. of the 16th international Conference on World Wide Web (WWW'07), pp. 667--676, May 2007.

Digital Library

[8]

Martin, E. and Xie, T. Automated test generation for access control policies via change-impact analysis. The 3rd International Workshop on Software Engineering for Secure Systems, May 2007.

Digital Library

[9]

Mouelhi, T., Fleurey, F., Baudry, B., and Le Traon, Y. A model-based framework for security policies specification, deployment and testing. Proc. of the 11th ACM/IEEE International Conference on Model Driven Engineering Languages and Systems 2008.

Digital Library

[10]

Mouelhi, T., Le Traon, Y. and Baudry, B. Mutation analysis for security tests qualification, in Mutation'07: Third Workshop on Mutation Analysis, in conjunction with TAIC-Part. 2007.

Digital Library

[11]

Potter, B., Allen, B. and Mcgraw, G. Software security testing. IEEE Security & Privacy, pp. 32--36, Sept. 2004.

Digital Library

[12]

Pretschner, A., Le Traon, Y. and Mouelhi, T. Model-based tests for access control policies. Proc. of the First International Conference on Software Testing Verification and Validation (ICST'08). Lillehamer, Norway, April 2008.

Digital Library

[13]

Schneier, B. Attack trees. Dr. Dobb's Journal of Software Tools 24, 12, 1999, pp. 21--29

[14]

Schuler, D. and Zeller, A. (Un-)Covering equivalent mutants, Proc. of the Third International Conf. on Software Testing, Verification and Validation (ICST'2010), pp: 45--54.

Digital Library

[15]

Shahriar, H. and Zulkernine, M. MUTEC: Mutation-based testing of cross site scripting, Proc. of SESS'09, pp. 47--53.

Digital Library

[16]

Shahriar, H. and Zulkernine, M. MUSIC: Mutation-based SQL injection vulnerability checking. Proc. of QSIC '08. pp. 77--86. Oxford, Aug. 2008.

Digital Library

[17]

Swiderski, F. and Snyder, W. Threat Modeling. Microsoft Press, 2004

Digital Library

[18]

Thompson, H. H., Why security testing is hard? IEEE Security & Privacy, 2003. 1(4): pp. 83--86.

Digital Library

[19]

Tuya, J., Suárez-Cabal, M., and Riva, C. Mutating database queries, Information and Software Technology, 49(4) 398--417, April 2007.

Digital Library

[20]

Wang, L., Wong, W. and Xu, D. A threat model driven approach for security testing. Proc. of SESS'07, May 2007.

Digital Library

[21]

Xu, D. and Nygard, K. E. Threat-driven modeling and verification of secure software using aspect-oriented Petri nets, IEEE Trans. on Software Engineering. Vol. 32, No. 4, pp. 265--278, April 2006.

Digital Library

Cited By

Görz PMathis BHassler KGüler EHolz TZeller AGopinath RCalandrino JTroncoso C(2023)Systematic assessment of fuzzers using mutation analysisProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620491(4535-4552)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620491
Fan BParrot DBlümel MLabes ATasdemir D(2019)Influence of OSMAC-Based Cultivation in Metabolome and Anticancer Activity of Fungi Associated with the Brown Alga Fucus vesiculosusMarine Drugs10.3390/md1701006717:1(67)Online publication date: 19-Jan-2019
https://doi.org/10.3390/md17010067
Barrak ALaverdière MKhomh FAn LMerlo EOnut IPetriu DChen W(2018)Just-in-time detection of protection-impacting changes on WordPress and MediaWikiProceedings of the 28th Annual International Conference on Computer Science and Software Engineering10.5555/3291291.3291310(178-188)Online publication date: 29-Oct-2018
https://dl.acm.org/doi/10.5555/3291291.3291310
Show More Cited By

Index Terms

Security mutation testing of the FileZilla FTP server
1. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Software defect analysis
        Software testing and debugging

Recommendations

An Alternative Threat Model-based Approach for Security Testing

In modern interaction, web applications has gained more and more popularity, which leads to a significate growth of exposure to malicious users and vulnerability attacks. This causes organizations and companies to lose valuable information and suffer ...
Mutation Analysis of Magento for Evaluating Threat Model-Based Security Testing
COMPSACW '11: Proceedings of the 2011 IEEE 35th Annual Computer Software and Applications Conference Workshops

Security testing is a major means for assuring software security and many security testing techniques have been developed in the past. Benchmarks, however, are in great demands for empirically evaluating the vulnerability detection capabilities of these ...
Security vulnerabilities and mitigation techniques of web applications
SIN '13: Proceedings of the 6th International Conference on Security of Information and Networks

Web applications contain vulnerabilities, which may lead to serious security breaches such as stealing of confidential information. To protect against security breaches, it is necessary to understand the detailed steps of attacks and the pros and cons ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SAC '11: Proceedings of the 2011 ACM Symposium on Applied Computing

March 2011

1868 pages

ISBN:9781450301138

DOI:10.1145/1982185

Conference Chairs:
William Chu
Tunghai University, TaiChung, Taiwan
,
W. Eric Wong
University of Texas at Dallas, Richardson, Texas
,
Program Chairs:
Mathew J. Palakal
Indiana University Purdue University, Indianapolis
,
Chih-Cheng Hung
Southern Polytechnic State University, Marietta

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGAPP: ACM Special Interest Group on Applied Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 March 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Division of Computer and Network Systems

Conference

SAC'11

Sponsor:

SIGAPP

SAC'11: The 2011 ACM Symposium on Applied Computing

March 21 - 24, 2011

TaiChung, Taiwan

Acceptance Rates

Overall Acceptance Rate 1,650 of 6,669 submissions, 25%

Upcoming Conference

SAC '25

Sponsor:
sigapp

The 40th ACM/SIGAPP Symposium on Applied Computing

March 31 - April 4, 2025

Catania , Italy

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
480
Total Downloads

Downloads (Last 12 months)22
Downloads (Last 6 weeks)2

Reflects downloads up to 24 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Görz PMathis BHassler KGüler EHolz TZeller AGopinath RCalandrino JTroncoso C(2023)Systematic assessment of fuzzers using mutation analysisProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620491(4535-4552)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620491
Fan BParrot DBlümel MLabes ATasdemir D(2019)Influence of OSMAC-Based Cultivation in Metabolome and Anticancer Activity of Fungi Associated with the Brown Alga Fucus vesiculosusMarine Drugs10.3390/md1701006717:1(67)Online publication date: 19-Jan-2019
https://doi.org/10.3390/md17010067
Barrak ALaverdière MKhomh FAn LMerlo EOnut IPetriu DChen W(2018)Just-in-time detection of protection-impacting changes on WordPress and MediaWikiProceedings of the 28th Annual International Conference on Computer Science and Software Engineering10.5555/3291291.3291310(178-188)Online publication date: 29-Oct-2018
https://dl.acm.org/doi/10.5555/3291291.3291310
Chaim MSantos DCruzes D(2018)What Do We Know About Buffer Overflow Detection?International Journal of Systems and Software Security and Protection10.4018/IJSSSP.20180701019:3(1-33)Online publication date: 1-Jul-2018
https://doi.org/10.4018/IJSSSP.2018070101
Ribeiro VCruzes DTravassos G(2018)A Perception of the Practice of Software Security and Performance Verification2018 25th Australasian Software Engineering Conference (ASWEC)10.1109/ASWEC.2018.00018(71-80)Online publication date: Nov-2018
https://doi.org/10.1109/ASWEC.2018.00018
Gong MDong WZhang Z(2014)An Embedded FTP Server: Research and ImplementationApplied Mechanics and Materials10.4028/www.scientific.net/AMM.543-547.1977543-547(1977-1980)Online publication date: Mar-2014
https://doi.org/10.4028/www.scientific.net/AMM.543-547.1977

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents