@inproceedings{422e25f734f04ceeab25d7ac4cec9191,
title = "SMRL: A metamorphic security testing tool for web systems",
abstract = "We present a metamorphic testing tool that alleviates the oracleproblem in security testing. The tool enables engineers to specifymetamorphic relations that capture security properties of Websystems. It automatically tests Web systems to detect vulnerabilitiesbased on those relations. We provide a domain-specific languageaccompanied by an Eclipse editor to facilitate the specification ofmetamorphic relations. The tool automatically collects the inputdata and transforms the metamorphic relations into executable Javacode in order to automatically perform security testing based onthe collected data. The tool has been successfully evaluated on acommercial system and a leading open source system (Jenkins).Demo video: https://youtu.be/9kx6u9LsGxs.",
author = "Mai, {Phu X.} and Arda Goknil and Fabrizio Pastore and Briand, {Lionel C.}",
note = "Publisher Copyright: {\textcopyright} 2020 Copyright held by the owner/author(s).; 42nd ACM/IEEE International Conference on Software Engineering, ICSE-Companion 2020 ; Conference date: 27-06-2020 Through 19-07-2020",
year = "2020",
month = jun,
day = "27",
doi = "10.1145/3377812.3382152",
language = "English",
series = "Proceedings - International Conference on Software Engineering",
publisher = "IEEE Computer Society",
pages = "9--12",
booktitle = "Proceedings - 2020 ACM/IEEE 42nd International Conference on Software Engineering",
}