Authors : Nor Fatimah Awang, AzizahAbd Manaf and Siti Fatimah Abidin
Abstract: In software testing, one of the critical issues is the selection of adequate test input. In this study, we formulate a method to generate test input by using permutation and combination algorithm technique in order to generate a set of test input automatically. We also develop a tool called an input generator that automatically generates the test input. The tool is a text list generator based on permutation algorithm on combination of pattern. The text list is generated based on the pattern given in a file template and combination of pattern is generated from the files to form list of text or statement. This attack pattern is formulated based on SQL attack type such as tautology, illegal and piggy-backed type. This tool is able to generate a large number of test inputs based on pattern given by tester at a lesser time. Finally, we show how ideas derived from our method will generate a set of test inputs and able to perform an attack and produce the results.
Nor Fatimah Awang, AzizahAbd Manaf and Siti Fatimah Abidin, 2016. Test Input Generation for Detecting SQL Injection Vulnerability in Web Application. International Journal of Soft Computing, 11: 103-106.