Your search keyword '"web testing"' showing total 841 results

1. Conceptualization of Multi-user Collaborative GUI-Testing for Web Applications

Author

Coppola, Riccardo, Fulcini, Tommaso, Torchiano, Marco, Ghosh, Ashish, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Bertolino, Antonia, editor, Pascoal Faria, João, editor, Lago, Patricia, editor, and Semini, Laura, editor

Published

2024

2. Tree-Based Synthesis of Web Test Sequences from Manual Actions

Author

Jiang, Pengkun, Wang, Sinan, Liu, Yepang, Hartmanis, Juris, Founding Editor, van Leeuwen, Jan, Series Editor, Hutchison, David, Editorial Board Member, Kanade, Takeo, Editorial Board Member, Kittler, Josef, Editorial Board Member, Kleinberg, Jon M., Editorial Board Member, Kobsa, Alfred, Series Editor, Mattern, Friedemann, Editorial Board Member, Mitchell, John C., Editorial Board Member, Naor, Moni, Editorial Board Member, Nierstrasz, Oscar, Series Editor, Pandu Rangan, C., Editorial Board Member, Sudan, Madhu, Series Editor, Terzopoulos, Demetri, Editorial Board Member, Tygar, Doug, Editorial Board Member, Weikum, Gerhard, Series Editor, Vardi, Moshe Y, Series Editor, Goos, Gerhard, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Chin, Wei-Ngan, editor, and Xu, Zhiwu, editor

Published

2024

3. An empirical study to compare three web test automation approaches: NLP‐based, programmable, and capture&replay.

Author

Leotta, Maurizio, Ricca, Filippo, Marchetto, Alessandro, and Olianas, Dario

Subjects

*EMPIRICAL research, *AUTOMATION, *NATURAL language processing, *NATURAL languages

Abstract

A new advancement in test automation is the use of natural language processing (NLP) to generate test cases (or test scripts) from natural language text. NLP is innovative in this context and promises of reducing test cases creation time and simplifying understanding for "non‐developer" software testers as well. Recently, many vendors have launched on the market many proposals of NLP‐based tools and testing frameworks but their superiority has never been empirically validated. This paper investigates the adoption of NLP‐based test automation in the web context with a series of case studies conducted to compare the costs of the NLP testing approach—measured in terms of test cases development and test cases evolution—with respect to more consolidated approaches, that is, programmable (or script‐based) testing and capture&replay testing. The results of our study show that NLP‐based test automation appears to be competitive for small‐ to medium‐sized test suites such as those considered in our empirical study. It minimizes the total cumulative cost (development and evolution) and does not require software testers with programming skills. [ABSTRACT FROM AUTHOR]

Published

2024

4. Optimizing Prioritization of Crowdsourced Test Reports of Web Applications through Image-to-Text Conversion.

Author

Xiao, Lei, Wu, Yunhuan, Chen, Rongshang, and Shi, Hanghai

Subjects

*OPTICAL character recognition, *WEB-based user interfaces, *NATURAL language processing, *MOBILE apps, *RESEARCH personnel

Abstract

Collating vast test reports is a time-consuming and laborious task in crowdsourced testing. Crowdsourced test reports are usually presented in two ways, one as text and the other as images, which have symmetrical content. Researchers have proposed many text- and image-based methods for prioritizing crowdsourced test reports of mobile applications. However, crowdsourced test reports of web applications typically have clearer textual descriptions of errors but noisier screenshots of errors. This gap motivates us to propose a method for prioritizing crowdsourced test reports of web applications to detect all errors earlier. In this paper, we integrate text and image information from test reports to enhance the analysis process. First, we use the natural language processing (NLP) technique to extract textual features of error descriptions and then symmetrically extract image features of error screenshots, i.e., we use the optical character recognition (OCR) technique to obtain textual information in the screenshots and then also use the NLP technique to extract features. To validate our approach, we conduct experiments on 717 test reports. The experimental results show that our method has a higher APFD (average percentage fault detection) and shorter runtime than state-of-the-art prioritization methods. [ABSTRACT FROM AUTHOR]

Published

2024

5. Is NLP-based Test Automation Cheaper Than Programmable and Capture &Replay?

Author

Leotta, Maurizio, Ricca, Filippo, Stoppa, Simone, Marchetto, Alessandro, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Prates, Raquel Oliveira, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Vallecillo, Antonio, editor, Visser, Joost, editor, and Pérez-Castillo, Ricardo, editor

Published

2022

6. Multiperspective Web Testing Supported by a Generation Hyper-Heuristic

Author

Balera, Juliana Marino, de Santiago Júnior, Valdivino Alexandre, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Gervasi, Osvaldo, editor, Murgante, Beniamino, editor, Misra, Sanjay, editor, Rocha, Ana Maria A. C., editor, and Garau, Chiara, editor

Published

2022

7. A MODEL-BASED APPROACH TO ENHANCING WEB ACCESSIBILITY FOR INDIVIDUALS WITH SPECIAL EDUCATION NEEDs.

Author

Lefterov, Denislav, Hristov, Hristo, and Enkov, Svetoslav

Subjects

WEB accessibility, INDIVIDUAL needs, WEB design, COMPUTER software development, COMMUNITIES

Abstract

An important aspect in software development nowadays is digital opportunities for meeting the needs of disadvantaged affected people with Special Education Needs (SEN). In this article, we consider the problem of identifying and improving the accessibility of web platforms designed for users who have SEN. To achieve this goal, a model was created and implemented in the web platform sopbg.org. The specialized website, which is maintained and developed by the authors of the publication, unites a community of several thousand users with SEN. The intensive consumption of the platform provided the authors with the opportunity to make a number of improvements to the applied model, some of which should be considered. [ABSTRACT FROM AUTHOR]

Published

2023

8. Optimizing Prioritization of Crowdsourced Test Reports of Web Applications through Image-to-Text Conversion

Author

Lei Xiao, Yunhuan Wu, Rongshang Chen, and Hanghai Shi

Subjects

crowdsourced testing, web testing, test report prioritization, optical character recognition, Mathematics, QA1-939

Abstract

Collating vast test reports is a time-consuming and laborious task in crowdsourced testing. Crowdsourced test reports are usually presented in two ways, one as text and the other as images, which have symmetrical content. Researchers have proposed many text- and image-based methods for prioritizing crowdsourced test reports of mobile applications. However, crowdsourced test reports of web applications typically have clearer textual descriptions of errors but noisier screenshots of errors. This gap motivates us to propose a method for prioritizing crowdsourced test reports of web applications to detect all errors earlier. In this paper, we integrate text and image information from test reports to enhance the analysis process. First, we use the natural language processing (NLP) technique to extract textual features of error descriptions and then symmetrically extract image features of error screenshots, i.e., we use the optical character recognition (OCR) technique to obtain textual information in the screenshots and then also use the NLP technique to extract features. To validate our approach, we conduct experiments on 717 test reports. The experimental results show that our method has a higher APFD (average percentage fault detection) and shorter runtime than state-of-the-art prioritization methods.

Published

2024

9. Implementing Web Testing System Depending on Performance Testing Using Load Testing Method

Author

Abed, Sawsan Sahib, Omar, al-Hakam Hikmat, Kacprzyk, Janusz, Series Editor, Pal, Nikhil R., Advisory Editor, Bello Perez, Rafael, Advisory Editor, Corchado, Emilio S., Advisory Editor, Hagras, Hani, Advisory Editor, Kóczy, László T., Advisory Editor, Kreinovich, Vladik, Advisory Editor, Lin, Chin-Teng, Advisory Editor, Lu, Jie, Advisory Editor, Melin, Patricia, Advisory Editor, Nedjah, Nadia, Advisory Editor, Nguyen, Ngoc Thanh, Advisory Editor, Wang, Jun, Advisory Editor, Kumar, Raghvendra, editor, Quang, Nguyen Ho, editor, Kumar Solanki, Vijender, editor, Cardona, Manuel, editor, and Pattnaik, Prasant Kumar, editor

Published

2021

10. SleepReplacer: a novel tool-based approach for replacing thread sleeps in selenium WebDriver test code.

Author

Olianas, Dario, Leotta, Maurizio, and Ricca, Filippo

Subjects

WEB-based user interfaces, SLEEP, SELENIUM

Abstract

Assuring quality of web applications is fundamental, given their relevance in the today's world. A possible way to reach this goal is through end-to-end (E2E) testing, an approach in which a web application is automatically tested by performing the actions that a user would do. With modern web applications (for example, single-page applications), it is of great importance to properly handle asynchronous calls in the test suite. In E2E Selenium WebDriver test suites, asynchronous calls are usually managed in two ways: using thread sleeps or explicit waits. The first is easier to use, but is inefficient and can lead to instability (also called flakiness, a problem often present in test suites that makes us lose confidence in the testing phase), while the second is usually more efficient but harder to use because, if the correct kind of wait is not carefully selected, it can introduce flakiness too. To help Testers, who often opt for the first strategy, we present in this work a tool-based approach to automatically replace thread sleeps with explicit waits in an E2E Selenium WebDriver test suite without introducing new flakiness. We empirically validated our tool named SleepReplacer on four different test suites, and we found that it can correctly replace in an automatic way from 81 to 100% of thread sleeps, leading to a significant reduction of the total execution time of the test suite (i.e., from 13 to 71%). [ABSTRACT FROM AUTHOR]

Published

2022

11. Guess the State: Exploiting Determinism to Improve GUI Exploration Efficiency

Author

Clerissi, D, Denaro, G, Mobilio, M, Mariani, L, Clerissi D., Denaro G., Mobilio M., Mariani L., Clerissi, D, Denaro, G, Mobilio, M, Mariani, L, Clerissi D., Denaro G., Mobilio M., and Mariani L.

Abstract

Many automatic Web testing techniques generate test cases by analyzing the GUI of the Web applications under test, aiming to exercise sequences of actions that are similar to the ones that testers could manually execute. However, the efficiency of the test generation process is severely limited by the cost of analyzing the content of the GUI screens after executing each action. In this paper, we introduce an inference component, S, which accumulates knowledge about the behavior of the GUI after each action. S enables the test generators to reuse the results computed for GUI screens that recur multiple times during the test generation process, thus improving the efficiency of Web testing techniques. We experimented S with Web testing techniques based on three different GUI exploration strategies (Random, Depth-first, and Q-learning) and nine target systems, observing reductions from 22% to 96% of the test generation time

Published

2024

12. Shinobi: A Novel Approach for Context-Driven Testing (CDT) Using Heuristics and Machine Learning for Web Applications

Author

Nguyen, Duc-Man, Do, Hoang-Nhat, Huynh, Quyet-Thang, Vo, Dinh-Thien, Ha, Nhu-Hang, Akan, Ozgur, Series Editor, Bellavista, Paolo, Series Editor, Cao, Jiannong, Series Editor, Coulson, Geoffrey, Series Editor, Dressler, Falko, Series Editor, Ferrari, Domenico, Series Editor, Gerla, Mario, Series Editor, Kobayashi, Hisashi, Series Editor, Palazzo, Sergio, Series Editor, Sahni, Sartaj, Series Editor, Shen, Xuemin (Sherman), Series Editor, Stan, Mircea, Series Editor, Xiaohua, Jia, Series Editor, Zomaya, Albert Y., Series Editor, Duong, Trung Q, editor, and Vo, Nguyen-Son, editor

Published

2019

13. Mutation-Based Web Test Case Generation

Author

Almeida, Sérgio, Paiva, Ana C. R., Restivo, André, Barbosa, Simone Diniz Junqueira, Editorial Board Member, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Kotenko, Igor, Editorial Board Member, Yuan, Junsong, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Piattini, Mario, editor, Rupino da Cunha, Paulo, editor, García Rodríguez de Guzmán, Ignacio, editor, and Pérez-Castillo, Ricardo, editor

Published

2019

14. Keyword Recorder for Robot Framework

Author

Amelia Kezia Gunawan

Subjects

web testing, robot framework, test automation, test script, Engineering (General). Civil engineering (General), TA1-2040

Abstract

In this era where Agile's popularity is growing fast in the IT industry, test automation becomes more and more crucial for Agile. However, test automation is time-consuming. For this reason, the student creates a tool named Keyword Recorder to create and generate test scripts — the most time-consuming part of test automation — intending to find a solution to speed up the test automation process. Keyword Recorder is a standalone program for web testing and is made to generate scripts for Robot Framework. It consists of two components: a browser, and a recorder. The browser is where the user do the web testing and the recorder’s job is to capture all the user actions along with the web elements during web testing and generate a Robot Framework’s test script based on the recorded actions.

Published

2020

15. Semantic Web Accessibility Testing via Hierarchical Visual Analysis.

Author

Bajammal, Mohammad and Mesbah, Ali

Subjects

SEMANTIC Web, PEOPLE with disabilities, SOFTWARE product line engineering, ARTIFICIAL intelligence, COMPUTER software development, SOFTWARE engineering

Abstract

Web accessibility, the design of web apps to be usable by users with disabilities, impacts millions of people around the globe. Although accessibility has traditionally been a marginal afterthought that is often ignored in many software products, it is increasingly becoming a legal requirement that must be satisfied. While some web accessibility testing tools exist, most only perform rudimentary syntactical checks that do not assess the more important high-level semantic aspects that users with disabilities rely on. Accordingly, assessing web accessibility has largely remained a laborious manual process requiring human input. In this paper, we propose an approach, called AXERAY, that infers semantic groupings of various regions of a web page and their semantic roles. We evaluate our approach on 30 real-world websites and assess the accuracy of semantic inference as well as the ability to detect accessibility failures. The results show that AXERAY achieves, on average, an F-measure of 87% for inferring semantic groupings, and is able to detect accessibility failures with 85% accuracy. [ABSTRACT FROM AUTHOR]

Published

2021

16. On the Use of Generative Deep Learning Approaches for Generating Hidden Test Scripts.

Author

Oz, Mert, Kaya, Caner, Olmezogullari, Erdi, and Aktas, Mehmet S.

Subjects

WEB-based user interfaces, WEB 2.0, SCRIPTS, DEEP learning

Abstract

With the advent of web 2.0, web application architectures have been evolved, and their complexity has grown enormously. Due to the complexity, testing of web applications is getting time-consuming and intensive process. In today's web applications, users can achieve the same goal by performing different actions. To ensure that the entire system is safe and robust, developers try to test all possible user action sequences in the testing phase. Since the space of all the possibilities is enormous, covering all user action sequences can be impossible. To automate the test script generation task and reduce the space of the possible user action sequences, we propose a novel method based on long short-term memory (LSTM) network for generating test scripts from user clickstream data. The experiment results clearly show that generated hidden test sequences are user-like sequences, and the process of generating test scripts with the proposed model is less time-consuming than writing them manually. [ABSTRACT FROM AUTHOR]

Published

2021

17. Security of Web Application: State of the Art : Research Theories and Industrial Practices

Author

Rehman, Habib ur, Nazir, Mohammed, Mustafa, Khurram, Barbosa, Simone Diniz Junqueira, Series editor, Chen, Phoebe, Series editor, Filipe, Joaquim, Series editor, Kotenko, Igor, Series editor, Sivalingam, Krishna M., Series editor, Washio, Takashi, Series editor, Yuan, Junsong, Series editor, Zhou, Lizhu, Series editor, Kaushik, Saroj, editor, Gupta, Daya, editor, Kharb, Latika, editor, and Chahal, Deepak, editor

Published

2017

18. Search Based Path and Input Data Generation for Web Application Testing

Author

Biagiola, Matteo, Ricca, Filippo, Tonella, Paolo, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Menzies, Tim, editor, and Petke, Justyna, editor

Published

2017

19. Sidereal: Statistical adaptive generation of robust locators for web testing.

Author

Leotta, Maurizio, Ricca, Filippo, and Tonella, Paolo

Subjects

HEURISTIC

Abstract

Summary: By ensuring adequate functional coverage, End‐to‐End (E2E) testing is a key enabling factor of continuous integration. This is even more true for web applications, where automated E2E testing is the only way to exercise the full stack used to create a modern application. The test code used for web testing usually relies on DOM locators, often expressed as XPath expressions, to identify the web elements and to extract the data checked in assertions. When applications evolve, the most dominant cost for the evolution of test code is due to broken locators, which fail to locate the target element in the novel versions and must be repaired. In this paper, we formulate the robust XPath locator generation problem as a graph exploration problem, instead of relying on ad‐hoc heuristics as the one implemented by the state of the art tool robula+. Our approach is based on a statistical adaptive algorithm implemented by the tool sidereal, which outperforms robula+'s heuristics in terms of robustness by learning the potential fragility of HTML properties from previous versions of the application under test. sidereal was applied to six applications and to a total of 611 locators and was compared against two baseline algorithms, robula+ and Montoto. The adoption of sidereal results in a significant reduction of the number of broken locators (respectively ‐55% and ‐70%). The time for generating such robust locators was deemed acceptable being in the order of hundredths of second. [ABSTRACT FROM AUTHOR]

Published

2021

20. Test case generation based on mutations over user execution traces.

Author

Paiva, Ana C. R., Restivo, André, and Almeida, Sérgio

Subjects

WEB-based user interfaces, COMPUTER software testing, SOURCE code, SOFTWARE maintenance

Abstract

Automatic test case generation is usually based on models of the software under test. However, those models may not exist or may be outdated and so, the test case generation must resort to other artifacts. In a software maintenance context, test cases must adapt to software changes and should be improved continuously to test adequately the new versions of the software. Mutation testing is a fault-based testing technique that evaluates the quality of the tests by applying simple changes to the source code and checking afterwards if the tests are able to detects those changes. This paper presents a web testing approach in which test cases are generated from user execution traces as a way to deal with the absence of models. In addition, it applies mutation operators over those test cases to enrich the test suite. The mutation operators were designed so as to mimic possible real failures. The additional tests are analyzed, and those that generate different outcomes are kept because they exercise additional behavior of the web application under test. At the end, the overall approach is illustrated and validated in a case study. [ABSTRACT FROM AUTHOR]

Published

2020

21. GUI Testing to the Power of Parallel Q-Learning

Author

Mobilio, M, Clerissi, D, Denaro, G, Mariani, L, Mobilio M., Clerissi D., Denaro G., Mariani L., Mobilio, M, Clerissi, D, Denaro, G, Mariani, L, Mobilio M., Clerissi D., Denaro G., and Mariani L.

Abstract

Q-learning is an attractive option for GUI testing, allowing for sophisticated test generation strategies that learn and exploit effective GUI interactions. However, learning comprehensive models requires long test sessions. This issue is exacerbated by the needs of both testers, who might want to run multiple testing sessions to fine-tune the test strategy to their applications under test, and researchers, who might want to experiment with multiple alternative approaches. To address these concerns, this paper presents $GT^{PQL}$, a testing tool that supports GUI testing with a parallel deployment Q-learning, and that can be flexibly configured and extended with multiple state-space abstractions and Q-leaning variants.

Published

2023

22. Testování použitelnosti a bezpečnosti webu

Author

Hub, Miloslav, Němcová Hromádková, Karolína, Hub, Miloslav, and Němcová Hromádková, Karolína

Abstract

Tato bakalářská práce se zabývá testováním a hodnocením použitelnosti části webu Univerzity Pardubice a jeho bezpečností. Jsou zde popsány hlavní metody testování použitelnosti a bezpečnosti, souvislost mezi použitelností a bezpečností. Pomocí definovaných metod je realizováno testování použitelnosti multifaktorové autentizace. V závěru práce je uveden seznam doporučení, jak eliminovat nedostatky nalezené při testování., This Bachelor´s thesis deals with the testing and evaluation of the usability of part of the website of the University of Pardubice and security. There are main usability and security testing methods, the connection between usability and security described. Using defined methods, usability testing of multifactor authentication is carried out. At the end of the thesis, there is a list of recommendations that were discovered during testing., Fakulta ekonomicko-správní, Studentka přednesla obhajobu práce s názvem: Testování použitelnosti a bezpečnosti webu. Cílem práce je navrhnout řešení zjištění nedostatků použitelnosti a bezpečnosti webu na základě výsledků jeho testování. Otázky dle posudku vedoucího bakalářské práce nejsou. Studentka na doplňující otázky reagovala., Dokončená práce s úspěšnou obhajobou

Published

2023

23. Web Application Testing Challenges

Author

Saha, Goutam Kumar

Published

2018

24. MoFQA: A TDD Process and Tool for Automatic Test Case Generation from MDD Models

Author

Linda Riquelme, Magalí González, Nathalie Aquino, and Luca Cernuzzi

Subjects

Software Testing, MBT, TDD, Acceptance Tests, Web Testing, Selenium, Electronic computers. Computer science, QA75.5-76.95

Abstract

Techniques for quality assurance have to deal with the complexity of software systems and the high probabilities of new errors appearing in any stage of the software life cycle. Software testing is a widely used approach but, due to the costs involved in this process, development teams often debate its applicability in their projects. In the endeavor to reduce the complexity of this process, this study presents an approach for software development based in Test-Driven Development (TDD) supported by Model-Based Testing (MBT) tools to allow automatic test-case generation. The approach, called MoFQA (Model-First Quality Assurance), consists of two main aspects: i) a method to drive software development based on testing techniques which defines steps and recom-mended practices; and, ii) a tool-set to allow clients and stakeholders to model system requirements, testers to create models that represent unit and abstract tests, and transformation tools used to generate executable tests. The tools that MoFQA provides are focusing on web applications. In order to validate the MoFQA tools, two validation experiences are presented.

Published

2019

25. Challenges of End-to-End Testing with Selenium WebDriver and How to Face Them: A Survey

Author

Maurizio Leotta, Boni García, Filippo Ricca, Jim Whitehead, and Comunidad de Madrid

Subjects

Behavioral sciences, Telecomunicaciones, End-to-end testing, Web testing, Personal opinion survey, Selenium WebDriver

Abstract

Proceeding of 2023 IEEE 16th International Conference on Software Testing, Verification and Validation (ICST 2023), 16-20 April 2023, Dublin, Ireland. Modern web applications are complex and used for tasks of primary importance, so their quality must be guaranteed at the highest levels. For this reason, testing techniques (e.g., end-to-end) are required to validate the overall behavior of web applications. One of the most popular tools for testing web applications is Selenium WebDriver. Selenium WebDriver automates the browser to mimic real user actions on the web.While Selenium has made testing easier for many Teams worldwide, it still has its share of challenges. To better understand the challenges and the corresponding solutions adopted we decided to undertake a personal opinion survey from the industry (in total with 78 highly skilled participants) with a focus on the Selenium ecosystem.The results allow understanding which challenges are consid-ered more relevant by professionals in their daily practice and which are the techniques, approaches, and tools they adopt to face them. Therefore, this study is useful to (1) practitioners interested in understanding how to solve the problems they face every day and (2) researchers interested in proposing innovative solutions to problems having a solid industrial impact. This work was partially supported in part by the Ministerio de Ciencia e Innovación-Agencia Estatal de Investigación (10.13039/501100011033) through the H2O Learn project under Grant PID2020-112584RB-C31, and in part by the Madrid Regional Government through the e-Madrid-CM Project under Grant S2018/TCS-4307.

Published

2023

26. Integration of Web Front-End Testing in an Acceptance Test Automation Framework for Distributed Systems within an Emergency Center Environment

Author

Spendier, Thomas

Subjects

Selenium, Distributed systems, Web testing, Acceptance tests, Software testing

Abstract

Akzeptanztests werden verwendet, um die erforderliche Funktionalität eines Softwaresystems sicherzustellen. Sie werden durchgeführt, bevor das System in den Echtbetrieb geht. Das Durchführen von Akzeptanztests wird erschwert, wenn es sich bei dem zu testenden System (SUT) um ein verteiltes System handelt, d.h. es besteht aus mehreren Anwendungen, die miteinander interagieren. Dabei liegt die größte Herausforderung in der Synchronisation und der Administration des Testprozesses. Das Automatisieren von Akzeptanztests bei solchen Systemen kann sehr aufwändig sein, wenn es dabei keine strukturierte Vorgehensweise gibt. Einsatzleitsysteme für das Annehmen und Bearbeiten von Notrufen sind hoch verteilte und komplexe Systeme. Diese laufen üblicherweise in einer bereits vorhandenen Service-Infrastruktur, wie z.B. Telefonnetze, Radio-Kommunikationssysteme und Clients von Drittanbietern. Das Automatisieren von Akzeptanztests für Einsatzleitsysteme erfordert daher Simulation an unterschiedlichen Schnittstellen. Da es keine passende Automatisierungsunterstützung für das Testen von Einsatzleitsystemen gibt, hat Frequentis ein Framework entwickelt, mit welchem sich Akzeptanztests automatisieren lassen. Dieses Framework ermöglicht die Steuerung sämtlicher Kommunikation mit dem SUT, die für Akzeptanztests notwendig sind. Das Framework kann jedoch nur Java Swing Benutzeroberflächen ansprechen. Da immer mehr Anwendungen über Weboberflächen zugänglich werden, bietet Frequentis ebenfalls webbasierte Clients an, um das Annehmen und Bearbeiten von Notrufen im Browser zu ermöglichen. Daher muss das bestehende Testautomatisierungs-Framework ebenfalls Weboberflächen ansprechen können. Im Rahmen dieser Diplomarbeit haben wir dieses Framework erweitert, sodass Weboberflächen als Teil eines verteilten Systems angesprochen und getestet werden können. Wir sammelten die notwendigen Anforderungen und haben eine Softwarelösung, welche sich in das bestehende Framework integriert, entworfen und implementiert. Diese Erweiterung des Frameworks bietet eine Programmierschnittstelle (API) an, welche Testentwickler dazu animieren soll, das Page Object Pattern anzuwenden, sodass die erzeugten Akzeptanztests leichter wartbar sind. Unsere Erweiterung basiert auf dem Browser-Automatisierungstool Selenium. Wir führten eine Anforderungsanalyse durch, um die notwendigen Funktionen der Framework-Erweiterung zu bestimmen. Die Entwicklung und Integration der Erweiterung in das bestehende Framework haben wir mittels evolutionärem Prototyping durchgeführt. Zuletzt führten wir eine Fallstudie durch, um zu evaluieren, ob das erweiterte Testautomatisierungs-Framework den beabsichtigten Zweck erfüllt. Unsere Fallstudie hat gezeigt, dass die Erweiterung in zahlreichen Projekten innerhalb Frequentis eingesetzt wird und dass die angebotene API häufig verwendet wird., Acceptance tests are used to ensure that a software system delivers its required functionality. They are performed on a system prior to its delivery to a live environment. Acceptance testing becomes a complex task when the system under test (SUT) is distributed, i.e. it consists of multiple applications interacting with each other. The main challenge lies in the synchronization and administration of the test process. Automating acceptance tests of such systems can result in high effort when not performed in a structured way. Control center solutions for handling and managing emergency calls are highly distributed and complex systems. They are usually embedded into an existing infrastructure of services (like telephony call lines, radio communication systems and 3rd party clients). Hence, automating acceptance tests for control center solutions requires simulation on multiple interfaces. As no suitable tool is available for testing control center solutions, Frequentis developed an acceptance test automation framework. With this framework, it is possible to control all necessary communications with the SUT in a uniform and simple way. However, it is only capable of addressing Java Swing based front-ends. As more and more applications become accessible via web interfaces, Frequentis’ control center solutions also offer web based clients to enable emergency call handling via a browser. Therefore the existing test automation framework is required to also address web front-ends. In this master thesis, we extended this framework so that web front-ends participating in a distributed system can be addressed and tested. We collected the necessary requirements, designed and implemented a solution which integrates into the existing framework. This framework extension offers an API to encourage test developers to apply the page object pattern in order to create maintainable tests. Our extension is based on the browser automation tool Selenium. We used requirements engineering to determine the necessary capabilities of the extension. Furthermore, we performed evolutionary prototyping to develop and integrate the extension into the existing framework. Eventually, we performed a case study to evaluate whether the extended test automation framework fits its intended purpose. Our study shows that the extension is used in numerous projects within Frequentis and that there is a high adoption rate of the offered API.

Published

2023

27. An Automated Approach for Acceptance Web Test Case Modeling and Executing

Author

Besson, Felipe M., Beder, Delano M., Chaim, Marcos L., van der Aalst, Will, editor, Mylopoulos, John, editor, Sadeh, Norman M., editor, Shaw, Michael J., editor, Szyperski, Clemens, editor, Sillitti, Alberto, editor, Martin, Angela, editor, Wang, Xiaofeng, editor, and Whitworth, Elizabeth, editor

Published

2010

28. Adaptive Random Testing in Detecting Layout Faults of Web Applications.

Author

Selay, Elmin, Zhou, Zhi Quan, Chen, Tsong Yueh, and Kuo, Fei-Ching

Subjects

COMPUTER software testing, SOFTWARE engineering, WEB-based user interfaces, COMPUTER software development, FAULT tolerance (Engineering)

Abstract

As part of a software testing process, output verification poses a challenge when the output is not numeric or textual, such as graphical. The industry practice of using human oracles (testers) to observe and verify the correctness of the actual results is both expensive and error-prone. In particular, this practice is usually unsustainable when developing web applications — the most popular software of our era. This is because web applications change frequently due to the fast-evolving requirements amid popular demand. To improve the cost effectiveness of browser output verification, in this study we design failure-based testing techniques and evaluate the effectiveness and efficiency thereof in the context of web testing. With a novel application of the concept of adaptive random sequence (ARS), our approach leverages peculiar characteristics of failure patterns found in browser layout rendering. An empirical study shows that the use of failure patterns and inclination to guide the testing flow leads to more cost-effective results than other classic methods. This study extends the application of ARSs from the input space of programs to their output space, and also shows that adaptive random testing (ART) can outperform random testing (RT) in both failure detection effectiveness (in terms of F-measure) and failure detection efficiency (in terms of execution time). [ABSTRACT FROM AUTHOR]

Published

2018

29. PESTO: Automated migration of DOM-based Web tests towards the visual approach.

Author

Leotta, Maurizio, Stocco, Andrea, Ricca, Filippo, and Tonella, Paolo

Subjects

COMPUTER software testing, WEB-based user interfaces, DOCUMENT Object Model (Web development technology), COMPUTER vision equipment, APPLICATION software, WEB development

Abstract

Test automation tools are widely adopted for testing complex Web applications. Three generations of tools exist: first, based on screen coordinates; second, based on DOM-based commands; and third, based on visual image recognition. In our previous work, we proposed PESTO, a tool able to migrate second-generation Selenium WebDriver test suites towards third-generation Sikuli ones. In this work, we extend PESTO to manage Web elements having (1) complex visual interactions and (2) multiple visual appearances. PESTO relies on aspect-oriented programming, computer vision, and code transformations. Our new improved tool has been evaluated on two Web test suites developed by an independent tester. Experimental results show that PESTO manages and transforms correctly test suites withWeb elements having complex visual interactions andmultistate elements. By using PESTO, the migration of existing DOM-based test suites to the visual approach requires a low manual effort, since our approach proved to be very accurate. [ABSTRACT FROM AUTHOR]

Published

2018

30. Point of Sale Framework-Based Code Igniter and Model View Controller Using Lighthouse Testing

Author

Ben Rahman, Fauziah Fauziah, and Muhammad Syaifudin

Subjects

Ajax, Point of sale, Database, business.industry, Computer science, computer.software_genre, Barcode, law.invention, Web testing, Model–view–controller, law, Web application, Graphics, Programmer, business, computer, computer.programming_language

Abstract

The success of companies engaged in the field of distributors is not only from good and smart human resources, but how ready the company's way to provide tools or programs supporting the work of employees. Some of the problems are the administration system between the company's internal divisions, so there are restrictions on the processing of input data, processes, outputs that are still manual. Web Application is made to facilitate employees to conduct administrative activities with the access role of each user admin division, for example inventory data, creation of sales invoices, road letters, procurement forms and bookkeeping. In addition, The Web View application is already responsive in this sense can adjust the device PC / Tablet / Mobile, then for visualization of data calculation already using cart / data graphics in real time, and there is also a feature preview, download and print JPEG, PNG, PDF, Barcode and QR code. Web Testing This application with black box method and shows it is running well and no error method, so it can be declared passed. Web Creation This application involves the LTE 2.0 Admin Template with bootstrap CSS, for programmer frameworks using MVC model view controllers that exist in the Code Igniter 3.0 framework so that it is faster and easier to implement or developed in other field companies or in the manufacturing industry. Tests using lighthouse for perform by 94% showed that the application designed to have a good performance for display results, and its access value of 60%, indicating that the process related to responsiveness between users is appropriate both using PC / Tablet / Mobile

Published

2021

31. Penerapan CFTT untuk Pengujian Aplikasi Web-Based Android Analysis Tools (WAAT) dengan Federated testing

Author

Yasir Muin, Fietyata Yudha, and Yudi Prayudi

Subjects

Web testing, Standardization, business.industry, Computer science, Process (engineering), Computer forensics, Android (operating system), Analysis tools, Software engineering, business, Test (assessment)

Abstract

Perkembangan smartphone membuat aktivitas manusia lebih muda, dengan fitur-fitur yang diberikan, perkembangan tersebut tidak menutup kemungkinan dengan kecanggihan fitur smartphone dimanfaatkan sebagai media komunikasi untuk mendukung bentuk aksi kejahatan. Proses investigasi forensik dalam penanganan barang bukti elektronik pada smartphone menjadi sebuah tantangan bagi ahli forensik karena perkembangan smartphone yang terus berkembang. permasalahan yang dihadapi oleh ahli forensik adalah sulit menentukan tools forensik yang harus digunakan dalam penanganan barang bukti karena beberapa aplikasi yang dikembangan belum diuji dengan standar forensik. untuk itu dalam penelitian ini akan dilakukan pengujian aplikasi web based android analysis tools berdasarkan standar computer forensics tools testing menggunakan aplikasi federated testing. pengujian ini dilakukan untuk mengetahui kelayakan aplikasi web based dengan melakukan evaluasi data antara hasil pengujian web based dan hasil pengujian federated testing. dari hasil evaluasi tersebut didapatkan bahwa aplikasi web based masih lebih rendah dibandingkan dengan federated testing karena pada aplikasi web based hanya mampu menghasilkan empat variabel data yang sama dengan laporan federated testing, sedangkan data lainnya belum di support oleh aplikasi tersebut, sehingga dapat dapat disimpulkan bahwa aplikasi web based android analysis tools ini belum memenuhi syarat standarisasi cftt.

Published

2021

32. Testing Web Services Using Progressive Group Testing

Author

Tsai, Wei-Tek, Chen, Yinong, Cao, Zhibin, Bai, Xiaoying, Huang, Hai, Paul, Ray, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Chi, Chi-Hung, editor, and Lam, Kwok-Yan, editor

Published

2004

33. Web Applications Testing using White Box Method

Author

Goswami, Kanika

Published

2013

34. Business-Oriented Testing in E-Commerce

Author

Fehlmann, Thomas, Meyerhoff, Dirk, editor, Laibarra, Begoña, editor, van der Pouw Kraan, Rob, editor, and Wallet, Alan, editor

Published

2002

35. Usability and Accessibility Assessment of Saudi Arabia Mobile E-Government Websites

Author

Hasan Al-Sakran and Mohammed A. T. AlSudairi

Subjects

Web standards, WCAG, Government, General Computer Science, business.industry, Computer science, media_common.quotation_subject, Public sector, Internet privacy, General Engineering, Usability, Accessibility, usability, Web testing, General Materials Science, Mobile technology, Quality (business), lcsh:Electrical engineering. Electronics. Nuclear engineering, e-government, mobile website, business, lcsh:TK1-9971, Mobile device, media_common

Abstract

The rapid spread of smart mobile technology is transforming the way how governments provide information and services to their citizens. We all are rely more on our devices, namely smartphones, laptops, or desktop to get information and a wide range of services from government websites. Such heavy usage of government websites results in an increased need for efficient and effective delivery of government services. Therefore, mobile government websites’ usability and accessibility are essential dimensions that determine the quality and accessibility of mobile e-government. The main objective of this research is to analyze the accessibility and usability aspects of selected public sector websites in Saudi Arabia. This study investigates how well the Saudi mobile e-government websites comply with usability standards and accessibility guidelines recommended in the Web Content Accessibility Guidelines (WCAG). Websites assessments were conducted using manual evaluation and complemented by different automated analysis tools. This study applies a number of evaluation techniques to assess Saudi government websites accessed from desktop or mobile devices, such as an automated website testing technique, mobile-friendliness testing, and content observation technique. Various tools have been used for site evaluation, such as GTmetrix (PageSpeed Score, YSlow Score), WAVE, Google mobile-friendly test, and Dareboost for mobile websites. The study uncovers shortcomings regarding non-compliance to international web standards recommendations. The findings revealed usability and accessibility problems that affect the performance of government websites. In order to improve these websites within these aspects, several recommendations were suggested for improving the usability and accessibility of websites in Saudi Arabia that will make sure different groups of citizens are satisfied with the website features and services provided by them.

Published

2021

36. Pair Programming and Testing in a Medical Web Project

Author

Timpe, Michael, Wieczorek, Martin, editor, and Meyerhoff, Dirk, editor

Published

2001

37. Ensuring the quality of Web Sites and E-commerce applications

Author

Bazzana, Gualtiero, Wieczorek, Martin, editor, and Meyerhoff, Dirk, editor

Published

2001

38. Автоматизація QA тестування програмних продуктів

Author

Харченко, Костянтин Васильович

Subjects

веб-тестування, гібридний фреймворк, web testing, веб-застосунок, web application, автоматизація, Page Object Model, Selenium WebDriver, automation, hybrid framework

Abstract

Об’єктом дослідження є інструментарій та методи написання скриптів автоматизації тестування веб-додатків. Значимість роботи пов’язана з високим попитом на написання скриптів тестування веб- систем, оскільки мануальне тестування займає дуже великий обсяг часу і відповідно витрати бюджету. В даній роботі було проведене дослідження підходів та методів написання скриптів автоматизації тестування веб-застосунків, застосування інструментів Selenium WebDriver, TestNG та Allure у автоматизації веб-тестування, та розроблений приклад фреймворку на основі перерахованих інструментів. Результат виконання даної роботи може бути використаний в якості керування для швидкого введення автоматизації веб-тестування на проекті. Загальний об’єм роботи: 165 с., 36 рисунків, 13 таблиць, посилання на 25 літературних джерел. The Objectives for this thesis is exploring the tools and methods for the development of test-automation scripts for web-application QA. Importance of the thesis is attributable to increased demand for developing test-automation scripts due to overall time-consumption and resulting high cost of manual testing. In this thesis were explored the approaches and methods of developing test-automation scripts for web application testing, the use of Selenium WebDriver, TestNG and Allure tools in web testing automation, and developed an example of a framework based on these tools. The result of this work can be used as a basis for the deployment of web testing automation on the project. The paper contains: 165 p., 36 figures, 13 tables, 25 references.

Published

2022

39. APOGEN: automatic page object generator for web testing.

Author

Stocco, Andrea, Leotta, Maurizio, Ricca, Filippo, and Tonella, Paolo

Subjects

WEB-based user interfaces, WEBSITES, REVERSE engineering, AUTOMATION, COMPUTER programming

Abstract

Modern web applications are characterized by ultra-rapid development cycles, and web testers tend to pay scant attention to the quality of their automated end-to-end test suites. Indeed, these quickly become hard to maintain, as the application under test evolves. As a result, end-to-end automated test suites are abandoned, despite their great potential for catching regressions. The use of the Page Object pattern has proven to be very effective in end-to-end web testing. Page objects are façade classes abstracting the internals of web pages into high-level business functions that can be invoked by the test cases. By decoupling test code from web page details, web test cases are more readable and maintainable. However, the manual development of such page objects requires substantial coding effort, which is paid off only later, during software evolution. In this paper, we describe a novel approach for the automatic generation of page objects for web applications. Our approach is implemented in the tool Apogen, which automatically derives a testing model by reverse engineering the target web application. It combines clustering and static analysis to identify meaningful page abstractions that are automatically turned into Java page objects for Selenium WebDriver. Our evaluation on an open-source web application shows that our approach is highly promising: Automatically generated page object methods cover most of the application functionalities and result in readable and meaningful code, which can be very useful to support the creation of more maintainable web test suites. [ABSTRACT FROM AUTHOR]

Published

2017

40. Comparative Analysis of Web Applications using JMeter.

Author

Jha, Nisha and Popli, Rashmi

Subjects

COMPUTER software testing, WEB-based user interfaces, OPEN source software, APPLICATION software, JAVA programming language

Abstract

The Software testing is done to ensure the quality characteristics of an application like functionality, performance, usability, scalability. Performance testing is a technique for quality assurance. It is a way of testing web applications to guarantee that the applications will perform properly under their expected normal workload. Features and Functionalities supported by a software system is not the sole concern. A software application's performance like its response time, do make a difference. The objective of performance testing is not to discover bugs but to eliminate performance bottlenecks. Performance testing is mainly categorised as Stress and Load testing. JMeter is an Open Source tool, widely used to measure performance parameters of an application. It is a java application for load testing and measuring performance. This paper presents performance testing concepts and a comparative analysis of web applications in terms of its response time, throughput and deviation, proposing a way to increase revenue for web application Industry. [ABSTRACT FROM AUTHOR]

Published

2017

41. Rancang Bangun Aplikasi Rekapitulasi Obat dengan Menerapkan Tanda Tangan Digital

Author

Raden Budiarto Hadiprakoso and Aulia Tri Rahmawati

Subjects

Authentication, Service (systems architecture), Web testing, Polyclinic, Database, Digital signature, Acceptance testing, Computer science, computer.software_genre, Service process, computer

Abstract

The current condition experienced by the XYZ Polyclinic is that there is no application built to simplify the service process contained in the polyclinic so that all service processes are still manual. An example is the calculation of the number of drugs that are in and out of use. This calculation takes a long time, is prone to errors in accounting, and consumes many papers. To solve this problem, we develop an application to recap drugs. The drug recapitulation application is based on a website with the WebML method using the CodeIgniter framework and MySQL database. The application produces the result in the form of a PDF file of the drug recapitulation report per month and day. As a security feature, the monthly drug recapitulation report results include a digital signature as proof of authentication, integrity, and anti-denial. The application built has been tested using web testing methods and user acceptance testing to be applied.

Published

2020

42. A fuzzy-based framework for evaluation of website design quality index

Author

Satinder Kaur and Sunil Gupta

Subjects

Information retrieval, Computer science, Website design, media_common.quotation_subject, 05 social sciences, Library and Information Sciences, Digital library, Fuzzy logic, Domain (software engineering), Web testing, Index (publishing), Evaluation methods, Quality (business), 0509 other social sciences, 050904 information & library sciences, media_common

Abstract

An unrecognized significance of the web acts as a driving force for the massive and rapid growth of websites in each domain of social life. For making a successful website, it is necessary for developers to embrace appropriate web testing and evaluation methodology. Some valuable works in the past have striven to appraise the web applications quantitatively. Various parameters have been considered which are again sub-parameterized to measurable indicators. But their weighing criterion has not been appropriately taken into account according to the domain of the website. Also, the relative degrees of interactions among parameters have not been taken into consideration. The work presented in this paper aims at describing a framework, Quality Index Evaluation Method to gauge the design quality of a website in the form of index value. An automated tool has been designed and coded to measure the metrics quantitatively. A weighing technique based on Fuzzy-DEMATEL (Decision Making Trial and Evaluation Laboratory Method) has been applied on these metrics. Fuzzy trapezoidal numbers have been used for assessment of parameters and the final design quality index value. To verify the use of framework in different website domains, it has been exercised on eight academic (four institutional and four digital libraries), five informative and four commercial websites. The results have been validated through the most widely used method in literature, i.e., user judgment. Opinions of users for each website have been quantified and aggregated with fuzzy aggregation technique. Experimental results show that the proposed framework provides accurate and consistent results in very less time.

Published

2020

43. Test case generation based on mutations over user execution traces

Author

S. R. Almeida, André Restivo, and Ana C. R. Paiva

Subjects

Source code, Computer science, business.industry, media_common.quotation_subject, Context (language use), Software maintenance, computer.software_genre, Test (assessment), Web testing, Test case, Software, Test suite, Data mining, Safety, Risk, Reliability and Quality, business, computer, media_common

Abstract

Automatic test case generation is usually based on models of the software under test. However, those models may not exist or may be outdated and so, the test case generation must resort to other artifacts. In a software maintenance context, test cases must adapt to software changes and should be improved continuously to test adequately the new versions of the software. Mutation testing is a fault-based testing technique that evaluates the quality of the tests by applying simple changes to the source code and checking afterwards if the tests are able to detects those changes. This paper presents a web testing approach in which test cases are generated from user execution traces as a way to deal with the absence of models. In addition, it applies mutation operators over those test cases to enrich the test suite. The mutation operators were designed so as to mimic possible real failures. The additional tests are analyzed, and those that generate different outcomes are kept because they exercise additional behavior of the web application under test. At the end, the overall approach is illustrated and validated in a case study.

Published

2020

44. Accessibility of Websites of the European National Tourism Boards

Author

Zuzana Horváthová, Filip Rubáček, Irena Jindrichovska, and Josef Abrhám

Subjects

business.industry, Computer science, Tourism -- Marketing, media_common.quotation_subject, Hospitality industry -- Europe, Web sites -- Design, Tourism -- Government policy -- Europe, General Business, Management and Accounting, Checklist, World Wide Web, Web testing, Identification (information), Software, Originality, Tourism -- Management, business, Set (psychology), General Economics, Econometrics and Finance, Practical implications, Tourism -- Internet marketing -- Europe, Tourism, media_common

Abstract

Purpose: The aim is to find out the current state of accessibility of the websites of European national tourism boards. Furthermore, the identification of the most common errors in terms of accessibility as well as recommendations leading to their correction is aimed for. Design/methodology/approach: The study is based on methods of testing the availability of web systems. The testing included automated tools, namely AChecker and Accessibility Evaluation Tool, as well as the WCAG 2.1 checklist developed by WebAIM initiative. Findings: The research has shown a relatively high accessibility of those websites. Nevertheless, some accessibility violations have been identified that can significantly complicate the accessibility of those websites for users using various assistive devices or other alternative hardware or software means. The most commonly identified errors include: failure to use alternative text for content-relevant images, the absence of text or audio transcripts for videos shared via Youtube, missing descriptions for text form elements and missing label for search form. Practical implications: The results of the research can be used in the evaluation of web presentations at the level of tourism boards and destination management. Originality/Value: The main output of this article is the application of web testing methodology on a comprehensive set of national tourist boards., peer-reviewed

Published

2020

45. The Accessibility of Health Related Websites of Cyprus Island

Author

Erkut Inan Iseri, Kaan Uyar, and Umit Ilhan

Subjects

Web testing, business.industry, media_common.quotation_subject, Internet privacy, Software development, medicine, Health related, Web application, Ignorance, Business, medicine.symptom, Carelessness, media_common

Abstract

People with disabilities may have problems accessing websites and using web applications due to lack of necessary tests in the software development and carelessness or ignorance in maintenance. Bringing them into the web world unhindered should be one of the main goals of administrations, web developers and content managers. This study covers the accessibility evaluation of the 76 health related websites on the island of Cyprus to verify the degree of compliance of the websites with The Web Content Accessibility Guidelines 2.1 (WCAG 2.1) published by the World Wide Web Consortium (W3C). At the end of the evaluation by using two different tools it was concluded that the websites under investigation revealed that only 6.67% of the home pages are in the acceptable level and none of the websites are completely error free. In addition, all of the pages of the 20 websites that examined had accessibility errors.

Published

2021

46. Web Application Testing

Author

Luigi Libero Lucio Starace, Adriano Peron, Sergio Di Martino, Anna Corazza, Corazza, Anna, Di Martino, Sergio, Peron, Adriano, Starace, Luigi Libero Lucio, DI MARTINO, Sergio, and Starace, LUIGI LIBERO LUCIO

Subjects

FOS: Computer and information sciences, Computer science, Near-duplicate detection, Model inference, Web Application Testing, Tree kernels, Reverse engineering, Model-based testing, Context (language use), computer.software_genre, Machine Learning, Computer Science - Software Engineering, Web Applications, Web testing, Web page, Web application, Software Testing, Software Engineering, Machine Learning, Web Applications, Representation (mathematics), Class (computer programming), Software Testing, Software Engineering, D.2.5, business.industry, Software Engineering (cs.SE), Feature (computer vision), Data mining, Tree kernel, business, computer

Abstract

In the context of End-to-End testing of web applications, automated exploration techniques (a.k.a. crawling) are widely used to infer state-based models of the site under test. These models, in which states represent features of the web application and transitions represent reachability relationships, can be used for several model-based testing tasks, such as test case generation. However, current exploration techniques often lead to models containing many near-duplicate states, i.e., states representing slightly different pages that are in fact instances of the same feature. This has a negative impact on the subsequent model-based testing tasks, adversely affecting, for example, size, running time, and achieved coverage of generated test suites. As a web page can be naturally represented by its tree-structured DOM representation, we propose a novel near-duplicate detection technique to improve the model inference of web applications, based on Tree Kernel (TK) functions. TKs are a class of functions that compute similarity between tree-structured objects, largely investigated and successfully applied in the Natural Language Processing domain. To evaluate the capability of the proposed approach in detecting near-duplicate web pages, we conducted preliminary classification experiments on a freely-available massive dataset of about 100k manually annotated web page pairs. We compared the classification performance of the proposed approach with other state-of-the-art near-duplicate detection techniques. Preliminary results show that our approach performs better than state-of-the-art techniques in the near-duplicate detection classification task. These promising results show that TKs can be applied to near-duplicate detection in the context of web application model inference, and motivate further research in this direction., Comment: 6 pages, 3 figures, accepted for presentation at the 15th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM 2021)

Published

2021

47. A Review of Web Application Security Risks: Auditing and Assessment of the Dark Web

Author

Parag H Rughani, Harmesh Rana, Ch. A. S. Murty, Rachit Verma, and Roshan Pathak

Subjects

Web testing, Exploit, business.industry, Computer science, Common Vulnerabilities and Exposures, Internet privacy, Web application, Information security, Encryption, business, Web application security, Anonymity

Abstract

The Darkweb is an anonymous Internet network that keeps users communicating over an unknown, encrypted and highly anonymous channel. The most vital feature of the dark web is anonymity, and that makes it a favourite place for criminals as it is challenging for Legal Enforcement Agencies (LEAs) to track those IP addresses of hosted services and the dark web users they are hidden services. This point motivated us to review auditing and assessment of various applications on the dark web. In this paper, we proposed a methodology for identifying vulnerabilities in the dark web to understand the negligence of hosting web applications as in the surface web. We used the most common known vulnerabilities and respective Common Vulnerabilities and Exposures (CVEs), which are part of the list of publicly disclosed computer security flaws for around 600 websites and were able to identify 294 (around 50%) websites in the dark web found to be vulnerable and exploitable. Identifying vulnerabilities and exploiting methods helps in tracing users and their transactions with that website. The approach helped our further research integrate with a framework in combating the anonymity and invisible threat for monitoring criminal activities.

Published

2021

48. Web-Based HIV Testing in Abruzzo, Italy: Analysis of 15-Month Activity Results.

Author

Polilli, Ennio, Sozio, Federica, Di Stefano, Paola, Sciacca, Antonina, Ursini, Tamara, Paoloni, Maurizio, Vecchiet, Jacopo, Di Giammartino, Dante, Sciotti, Maria Pina, Grimaldi, Alessandro, Cortesi, Valerio, Fazii, Paolo, Ricci, Elena, D'Amario, Claudio, Ippolito, Giuseppe, Pippa, Lucio, and Parruti, Giustino

Subjects

*HIV prevention, *SEXUALLY transmitted disease diagnosis, *BLOOD testing, *DIAGNOSIS, *GAY men, *HETEROSEXUALS, *HIV-positive persons, *MEDICAL errors, *RESEARCH funding, *SEROLOGY, *VIROLOGY, *WEB browsers, *VIRAL load, *CONTACT tracing, DEVELOPED countries

Abstract

Undiagnosed cases of HIV infection in developed countries are estimated at 20-30% of individuals living with HIV.Web-based strategies may represent a new approach to easier, wider, and unrestricted access to early testing. The Abruzzo Region, Italy, developed a Web-based tool to recruit persons at high risk of HIV and other sexually transmitted infections (STIs). At the Website www.failtestanchetu.it, browsers found information on STIs (HIV, hepatitis B and C, and syphilis), a structured questionnaire called "risk calculator" to assess one's own risk behaviors and direct booking of their test at one of six sites throughout the region. The Website was advertised on local media and in pharmacies, high schools, sports facilities, and factories. Between February 1, 2014, and May 31, 2015, about 6000 users visited the Website; 3046 people attended a visit for counseling on risk behaviors, signs, or symptoms of STIs and accepted blood drawing for HIV, hepatitis B Virus (HBV), hepatitis C Virus (HCV), and syphilis tests. Fifty-eight (1.90%) subjects were positive for HCV, 56 (1.84%) for HBsAg, 90 (2.95%) for Treponema pallidum antibodies, and 28 (0.92%) for HIV. Ninety-two percent of HIV-positive patients were successfully linked to care. Late presenters were less frequent in this sample than in the population diagnosed with HIV in Italy in 2014. An overall 7% proportion of HIV, HBV, HCV, and syphilis-unaware cases were all transferred to care, with the exception of three people. HIV seropositivity among testers was higher than 2/1000, the cost-effectiveness threshold suggested for effective testing. Therefore, our Web-based unrestricted and free access methodology appears worth further and wider evaluation. [ABSTRACT FROM AUTHOR]

Published

2016

49. Metamorphic Testing for Cybersecurity.

Author

Chen, Tsong Yueh, Kuo, Fei-Ching, Ma, Wenjuan, Susilo, Willy, Towey, Dave, Voas, Jeffrey, and Zhou, Zhi Quan

Subjects

*INTERNET security, *COMPUTER software testing, *COMPUTER security, *COMPUTER science, *COMPUTER software correctness

Abstract

Metamorphic testing (MT) can enhance security testing by providing an alternative to using a test oracle, which is often unavailable or impractical. The authors report how MT detected previously unknown bugs in real-world critical applications such as code obfuscators, giving evidence that software testing requires diverse perspectives to achieve greater cybersecurity. [ABSTRACT FROM AUTHOR]

Published

2016

50. Multiple-path testing for cross site scripting using genetic algorithms.

Author

Ahmed, Moataz A. and Ali, Fakhreldin

Subjects

*SCRIPTING languages (Computer science), *GENETIC algorithms, *WEB-based user interfaces, *COMPUTER security vulnerabilities, *COMPUTER hackers, *DOCUMENT Object Model (Web development technology)

Abstract

Web applications suffer from different security vulnerabilities that could be exploited by hackers to cause harm in a variety of ways. A number of approaches have been proposed to test for such vulnerabilities. However, some gaps are still to be addressed. In this paper, we address one of such gaps: the problem of automatically generating test data (i.e., possible attacks) to test for cross site scripting (XSS) type of vulnerability. The objective is to generate a set of test data to exercise candidate security-vulnerable paths in a given script. The desirable set of test data must be effective in the sense that it uncovers whether any path can indeed be exploited to launch an attack. We designed a genetic algorithm-based test data generator that uses a database of XSS attack patterns to generate possible attacks and assess whether the attack is successful. We considered different types of XSS vulnerability: stored, reflected and DOM based. We empirically validated our test data generator using case studies of Web applications developed using PHP and MySQL. Empirical results show that our test data generator is effective in generating, in one run, multiple test data to cover multiple target paths. [ABSTRACT FROM AUTHOR]

Published

2016