A mutation framework for evaluating security analysis tools in IoT applications. (15th November 2021)
- Record Type:
- Journal Article
- Title:
- A mutation framework for evaluating security analysis tools in IoT applications. (15th November 2021)
- Main Title:
- A mutation framework for evaluating security analysis tools in IoT applications
- Authors:
- Alalfi, Manar H.
Parveen, Sajeda
Nazzal, Bara' - Other Names:
- Gopinath Rahul guestEditor.
Zhang Jie M. guestEditor.
Kintis Marinos guestEditor.
Papadakis Mike guestEditor. - Abstract:
- Summary: With the growing and widespread use of Internet of Things (IoT) in our daily life, its security is becoming more crucial. To ensure information security, we require better security analysis tools for IoT applications. Hence, this paper presents an automated framework to evaluate taint‐flow analysis tools in the domain of IoT applications. First, we propose a set of mutational operators tailored to evaluate three types of sensitivity analysis, flow, path and context sensitivity. Then we developed mutators to automatically generate mutants for those types. We demonstrated the framework on a subset of mutational operators to evaluate three taint‐flow analysers, SaINT, Taint‐Things and FlowsMiner. Our framework and experiments ranked the taint analysis tools according to precision and recall as follows: Taint‐Things (99% recall, 100% precision), FlowsMiner (100% recall, 87.6% precision) and SaINT (100% recall, 56.8% precision). To the best of our knowledge, our framework is the first framework to address the need for evaluating taint‐flow analysis tools and specifically those developed for IoT SmartThings applications. Abstract : To the best of our knowledge, our framework is the first framework to address the need for evaluating taint‐flow analysis tools and specifically those developed for IoT SmartThings applications.
- Is Part Of:
- Software testing, verification & reliability. Volume 32:Number 7(2022)
- Journal:
- Software testing, verification & reliability
- Issue:
- Volume 32:Number 7(2022)
- Issue Display:
- Volume 32, Issue 7 (2022)
- Year:
- 2022
- Volume:
- 32
- Issue:
- 7
- Issue Sort Value:
- 2022-0032-0007-0000
- Page Start:
- n/a
- Page End:
- n/a
- Publication Date:
- 2021-11-15
- Subjects:
- IoT -- mutation framework -- testing
Computer software -- Testing -- Periodicals
Computer software -- Verification -- Periodicals
Computer software -- Reliability -- Periodicals
005.14 - Journal URLs:
- http://onlinelibrary.wiley.com/ ↗
- DOI:
- 10.1002/stvr.1799 ↗
- Languages:
- English
- ISSNs:
- 0960-0833
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 8321.457500
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 24005.xml