基于形式化单子的第三方构件安全性测试模型及其应用

Security Testing Model of Third-Party Component Based on Formal Monad and Its Application

因第三方构件通常由不同的组织开发完成,相应的需求开发文档及源代码无法获取,传统的软件安全测试方法无法应用.通过分析构件接口信息,借鉴软件数据挖掘技术可以获取构件相应的接口方法运行序列及需求规约等信息,进而也能对测试日志信息进行分析和处理.针对第三方构件安全性难以测试的问题,本文提出了一种采用数据挖掘技术的测试模型及其测试框架.提出的方法首先形式化定义了测试模型的基本元素,然后基于此模型设计了一个测试框架,并采用单子技术对测试流程和数据挖掘算法进行了形式化描述.为了实现该测试框架,论文实现了数据挖掘相关算法并研发了一个测试第三方构件安全性的测试系统(Component Security Testing Systembasedon Data Mining,CSTS-DM),最后对测试模型及CSTS-DM进行了案例分析及实验验证,并通过对商业构件和模拟构件的分析测试,验证了CSTS-DM原型测试系统的效果和效率,也分析了提出的测试框架及测试模型的有效性及可行性。

The third-party components have been widely used in software system since the third-party components usually are developed by different organizers. Component-based software engineering (CBSE) has a rapid development with software engineering technology, which enhances the development efficiency for different software. As a result, the time of software development is reduced, and the cost of software maintenance is also cut down to some extent. At current, CBSE is an important development approach of software system in real industry. With the popularization of the third-party components, the research on security testing for third-party components is very important. Component security vulnerabilities mean the flaws in the aspects of component security including all the factors that threatening and destroying component security. Component security vulnerabilities usually include explicit and implicit vulnerabilities. Explicit vulnerabilities are commonly caused by memory leak or buffer overflow;while implicit vulnerabilities are usually caused by violating security requirement specification. Both explicit vulnerabilities and implicit vulnerabilities are very difficult to be detected by traditional approaches, which lack effective detection model and detection means. Due to some components come from third-party providers and their source codes and detailed development documentation cannot be obtained, it is difficult to ensure their security through traditional testing methods. With the technology of data mining, the component methods’ test sequence and component requirements may be obtained through processing large - scale test data. Based on data mining technology, we presented the testing framework and testing model for the component security.(1) We proposed a testing model for component security on the basis of data mining technique. Firstly, the major model elements are created, the model elements include component specification, component testing log, component method sequence, data mining algorithm, security testing algorithm, security detecting result and vulnerability rules. Then the monad technique is proposed to formally describe the testing process.(2) In order to guide component security testing, we proposed a security testing framework based on data mining algorithms and security testing model. The testing framework analyzes component interface information and method parameters information. After further mining the component specification, the available component methods are obtained. On the basis of collecting available method name, pre - conditions and post-conditions, the method testing sequences can be generated. In order to test component, the framework can produce the executable test suites, and the monitoring log can be generated by monitoring the running process. Furthermore, the component security exceptions may be detected in the running process.(3) Based on the proposed testing framework, we designed and implemented a component security testing system based on data mining technology (CSTS - DM). In order to validate and test the effectiveness of the proposed testing model and CSTS - DM, we conducted the case analysis and empirical study based on some real-life components including commercial components and self-development components. The case analysis results and experimental results show the proposed model and framework are operable and effective.