基于数据挖掘的第三方构件安全性测试方法研究

Component-based software engineering (CBSE) is currently a popular research focus in the field of software engineering. New component development technologies aim to enhance the efficiency of component development and performance. However, problems related to component reliability and security have not been effectively solved, which worries the component developer and user. Presently, a few approaches for software security testing are being used; these are mainly derived from traditional software testing approaches. These approaches, however, are unsuitable for component security testing, especially the third-party component testing. These traditional testing approaches mainly focus on functionality testing, which, to some extent, can satisfy the requirements for functionality testing of components and component systems. However, these approaches themselves are not yet mature, for most components source code is unavailable and the components are extremely independent, which challenges the security testing of the third-party components..The security of third-party components blocks the development of component technology, and it is also an important part of software quality system. Security testing is an effective means to ensure this characteristic. The third-party components are our research object in this project. At first, the explicit and implicit characteristics of security vulnerabilities are researched when the third-party components are run in static or dynamic mode. A model of component security testing is given based on data mining technology, and then based on this testing model, frequent itemsets and sequential pattern mining algorithms are applied to generate the effective component methods and interface methods execution sequences. The component state transition diagram is derived, and further the testing sequences of interface methods are generated. The conditions and status mutation algorithms are given to mutate the testing sequences based on the testing sequences. The mutation testing sequences are generated by using the mutation algorithms, and security vulnerabilities are detected by executing the testing sequences. In addition, according to the monitoring log of tested components and insecure testing sequences generated by mutation testing, the security association rules, exceptional methods and exceptional method execution sequences are obtained by using data classification technology, frequent itemsets and sequence mining algorithms, and then the security testing report is generated. This research will provide some new approaches and ideas for security testing of the third-party components, which will further promote the development of component-based software engineering.

第三方构件的安全性是影响构件技术发展的重要因素之一，也是软件质量指标体系的重要组成部分，而安全性测试是确保此特性的有效手段。本课题以第三方构件为研究对象，首先研究第三方构件静态及动态运行时的显式及隐式安全漏洞特点，基于数据挖掘技术给出构件的安全性测试模型。然后基于此测试模型采用频繁项集和序列模式挖掘算法挖掘生成需求规约和有效的构件接口方法及构件方法执行序列，进一步导出构件状态转换图并生成接口方法测试序列。在此基础上给出相应的构件条件及状态变异算法,并对测试序列进行条件及状态变异，根据变异算法生成变异测试序列进行安全性测试。此外，基于构件测试运行时的监测日志及变异测试产生的不安全序列，采用数据分类技术、频繁项集及序列挖掘算法得到安全关联规则、安全异常方法及安全异常方法执行序列，同时生成安全测试报告。本课题的研究将为第三方构件的安全性测试提供新的方法和思路，将进一步促进构件软件工程的发展。

基于构件的软件工程由于可实现构件复用及“即插即用”的特点，大大缩短了软件开发的周期，降低开发及维护的成本，已经成为面向对象软件工程领域的研究热点。同时，随着构件技术的发展，构件在医疗、银行等安全至关重要行业的应用日益广泛。因此，对构件及构件系统的测试是保证构件功能性、安全性、可靠性的重要措施，为保证构件的质量，要求实现构件开发的提供方和第三方构件的使用者对构件和构件系统实施测试。然而，目前对构件的研究主要集中在构件功能性测试，以确保找到构件在开发和实现过程中的功能性错误，对构件尤其是第三方构件的安全性测试的研究尚少，特别是第三方构件由于无法获得源代码和详细的设计说明，使得传统的白盒测试技术无法很好地应用，从而给第三方构件安全性测试带来了极大的挑战。. 第三方构件的脆弱性本质是指构件中存在的显式和隐式的安全异常，显式安全异常大多由缓冲区溢出、内存泄漏造成，而隐式安全异常指第三方构件的内部执行状态违背了构件的安全需求规约。本课题以第三方构件为研究对象，首先研究了一种基于数据挖掘技术的构件安全性测试模型及框架，形成指导测试的准则与方法。在这个安全测试模型中研究了基于需求规约和监测日志采用频繁项集与序列模式挖掘算法生成构件方法执行序列的方法。在此基础上研究了相应的构件条件、参数及状态变异测试算法,并对测试序列进行条件、参数及状态变异，根据变异算法生成变异测试序列进行安全性测试。同时基于运行时的监测日志及变异测试产生的不安全序列，研究了采用数据分类技术、频繁项集及序列模式挖掘算法对构件进行安全关联规则、异常方法和异常序列挖掘的方法，进一步生成构件安全漏洞测试报告。此外，以Web服务为测试对象，研究了最坏差异输入、组合变异及安全规则变异测试算法，这些方法对Web服务安全脆弱性测试具有一定的效果。最后，设计实现了一个第三方构件安全性测试原型系统。本课题的研究为第三方构件的安全性测试提供了新的方法和思路，对工业实践构件测试领域具有一定的借鉴作用，在一定程度上促进了构件软件工程的发展。