Detecting Implicit Security Exceptions Using an Improved Variable-Length Sequential Pattern Mining Method

Autor: Lili Zhu, Saihua Cai, Michael Omari, Rubing Huang, Dave Towey, Jinfu Chen, Hilary Ackah-Arthur
Rok vydání: 2017
Předmět:
Zdroj: International Journal of Software Engineering and Knowledge Engineering. 27:1235-1268
ISSN: 1793-6403
0218-1940
DOI: 10.1142/s0218194017500462
Popis: The process of component security testing can produce massive amounts of monitor logs. Current approaches to detect implicit security exceptions (those which cannot be identified by visual inspection alone) compare correct execution sequences with fixed patterns mined from the execution of sequential patterns in the monitor logs. However, this is not efficient and is not suitable for mining large monitor logs. To enable effective mining of implicit security exceptions from large monitor logs, this paper proposes a method based on improved variable-length sequential pattern mining. The proposed method first mines the variable-length sequential patterns from correct execution sequences and from actual execution sequences, thus reducing the number of patterns. The sequential patterns are then detected using the Sunday string-searching algorithm. We conducted an experimental study based on this method, the results of which show that the proposed method can efficiently detect the implicit security exceptions of components.
Databáze: OpenAIRE