摘要
为增强软件抵御各种攻击的能力,削减软件开发成本,研究一种基于改进遗传的XML注入式攻击自动测试方法。使用实码遗传算法搜索能够导致系统受到XML注入式攻击的用户输入,在算法执行过程中使用优化的编辑距离算法并引入影响因子LCS重新定义适应度函数指导算法的搜索。实验通过对比不同搜索算法结合不同适应度函数的搜索结果表明,该算法在测试用例的搜索、评估以及算法的执行时间上表现优异。
To enhance the ability of software to resist various attacks and reduce the cost of software development,an automatic generation method of test case for XML injections was proposed.Automatic method based on real-code genetic algorithm was used to search user inputs that caused the system attacked by XML injections,which was guided by using improved fitness function redefined with improved edit distance and influence factor LCS.Combinations of search algorithms and fitness functions were used to verify this algorithm,which were compared to traditional algorithm.Results indicate that the real-code genetic algorithm guided by using improved fitness function is better than traditional algorithm in terms of test case search,test case evaluation and execution time.
作者
王茜
高建华
WANG Xi;GAO Jian-hua(Department of Computer Science and Technology,Shanghai Normal University,Shanghai 200234,China)
出处
《计算机工程与设计》
北大核心
2021年第8期2203-2210,共8页
Computer Engineering and Design
基金
国家自然科学基金项目(61672355)。
关键词
自动测试
注入式攻击
实码遗传算法
改进编辑距离
改进适应度函数
automatic testing
injection attacks
real-code genetic algorithm
improved edit distance
improved fitness function
