Department of Computer System Architecture
Information Technology, Computer Engineering and Information Technology, Amirkabir University of Technology, Tehran, Iran
Information Security, Computer Engineering and Information Technology, Amirkabir University of Technology, Tehran, Iran
Information Technology, Computer Engineering and Information Technology, Amirkabir University of Technology, Tehran, Iran
Hossein Homaei received his Ph.D. in Information Technology from Amirkabir University of Technology (Tehran Polytechnic) in 2019. He got his M.Sc. in Information Security and his B.Sc. in Information Technology from the same university. He is currently an assistant professor in the Electrical and Computer Engineering Department at Tarbiat Modares University. His current research interests include software security, vulnerability analysis, and formal methods in computer security.
Context: Software security testing aims to check the security behaviour of a program. To determine whether the program behaves securely on a particular execution, we need an oracle that knows the expected security behaviour. A security test oracle decides whether test cases violate the intended security policies of the program, so the oracle must model those policies in detail. Unfortunately, these policies are usually poorly documented; in some cases the source code is the only available documentation of the program. Objective: We propose a method to automatically extract the intended security policies of the program under test from the source code and expected execution traces. We introduce a security test o
Web browsers are enticing attack vectors because they provide an interface to the Internet. Extensions add capabilities to browsers and are therefore attractive to attackers. These capabilities are obtained through extension privileges. Some of these privileges are necessary for an extension to perform its claimed functionality; however, an extension may also hold privileges it does not need. Over-privileged extensions can be misused to compromise systems. The authors propose an Over-Privileged EXtension Analyser (OPEXA) to assist security experts in detecting suspicious extensions. OPEXA predicts the intended privileges of an extension from its description, which developers state in natural language. They utilise this method
A seven-year study of National Vulnerability Database records determined not only which software vulnerabilities were the most common and most severe, but also which ones should be prevented first to gain the maximum benefit. By focusing on just seven vulnerability categories, security professionals could prevent 60 percent of all software vulnerabilities.
Although analysing a complex system can be a complicated process, current approaches to quantifying system security or vulnerability usually treat the whole system as a single component. In this paper, we propose a new compositional method to evaluate the vulnerability measure of complex systems. By composition we mean that the vulnerability measure of a complex system can be computed from the pre-calculated vulnerability measures of its components. We define compatible systems to specify which components can be combined. Moreover, choice, sequential, parallel and synchronised parallel composition are defined, and the vulnerability measure in each case is presented. Our method uses a state machine to model the sys