A Study on the Activation of SW Security Test through Crowdsourcing (크라우드소싱을 통한 SW 보안 테스트 활성화 방안 연구)

Choi Ji Eun (최지은); JEON YU JIN (전유진); Lee Hwansoo (이환수)

doi:10.34163/jkits.2018.13.6.003

A Study on the Activation of SW Security Test through Crowdsourcing

Journal of Knowledge Information Technology and Systems
Abbr : JKITS
2018, 13(6), pp.665-675
DOI : 10.34163/jkits.2018.13.6.003
Publisher : Korea Knowledge Information Technology Society
Research Area : Interdisciplinary Studies > Interdisciplinary Research
Published : December 31, 2018

Choi Ji Eun ¹, JEON YU JIN ¹, Lee Hwansoo ¹

¹단국대학교

Accredited

ABSTRACT

Continuous cyber threats are on the rise for critical information from public institutions and private companies. However, the attacks by hackers are not predictable and continue to evolve, and there is a limitation in current security test methods to develop a reliable information system because of time and cost issues. As a new way to strengthen information system security, this study suggests a security test method with utilizing crowd SW testing technique, which is attracting attention as a new software testing methodology. Crowd SW security testing has the advantage of detecting the fault and strengthening security verification on various systems through a large number of people’s participation. It can also be a solution to the time and cost problems posed by existing security testing. Utilizing the method in security test contribute to the improvement of information systems’ reliability and quality through checking security vulnerabilities. In order to activate the cloud SW security test, it is necessary to apply the security test for each stage of development and to test public and leakage organizations. If crowd SW security testers are fostered at the national level, it will contribute to strengthening SW security and solving the manpower shortage problem of SW testing industry.

KEYWORDS

Crowdsourcing, SW security, Security testing, Web, Vulnerability

Citation status

* References for papers published after 2023 are currently being built.

[book] T. Lanowitz / 2005 / Now is the time for security at application level / Gartner : 1~8

[book] N. Losses / 2014 / Estimating the global cost of cybercrime / Centre for Strategic &International Studies : 1~24

[journal] J-S. Jo / 2011 / Cyber-security enhancement strategy for the protection of corporate information assets / Journal of global business research 23(3) : 1~22

[confproc] S-J. Jang / 2007 / A study on implementation of vulnerability assessment tool on the web / Korean Institute of Information Scientists and Engineers Conference Proceeding 34(1D) : 82~85

[other] OWASP / 2017 / OWASP Top 10

[journal] 방지호 / 2013 / Evaluation Methodology of Diagnostic Tool for Security Weakness of e-GOV Software / 한국통신학회논문지C / 한국통신학회 38(4) : 335~343

[journal] 윤준 / 2008 / An Automatic Network Vulnerability Analysis System using Multiple Vulnerability Scanners / 정보과학회 컴퓨팅의 실제 논문지 / 한국정보과학회 14(2) : 246~250

[report] Audit researcher / 2015 / Research on vulnerability check of public sector information system security control : 1~157

[report] Small and Medium Business Institute / 2014 / KOSBI SME FOCUS : 14~17

[confproc] B-S. Chai / 2015 / Crowd sourcing as a control mechanism of software test outsourcing / Korea Society of IT Services 2015 Spring Conference : 83~86

[report] K. Mao / 2015 / A survey of the use of crowdsourcing in software engineering / UCL Department of Computer science : 1~36

[confproc] S. Zogaj / 2013 / Crowdtesting with test cloud–managing the challenges of an intermediary in a crowdsourcing business model / Proceedings of the 21st European Conference on Information Systems, ECIS2013 : 1~15

[report] STA Consulting / 2014 / STA crowd testing service : 1~27

[confproc] X. Peng / 2014 / Collaborative software development platforms for crowdsourcing / IEEE Software Technology : 1~7

[report] Bugcrowd / 2014 / CANVAS by instructure bugcrowd flex program results : 1~7

[web] / 2018 / https://www.microsoft.com/en-us/sdl/process/req uirements.aspx / https://www.microsoft.com/en-us/sdl/process/requirements.aspx

[web] / 2016 / http://www.asiae.co.kr/news/view.htm?idxno=2016082309332023839 / http://www.asiae.co.kr/news/view.htm?idxno=2016082309332023839

[web] / 2016 / http://www.dt.co.kr/contents.html?article_no=2016060302109960718004 / http://www.dt.co.kr/contents.html?article_no=2016060302109960718004

This paper was written with support from the National Research Foundation of Korea.

KJCKorea
Journal Central

Journal of Knowledge Information Technology and Systems 2023 KCI Impact Factor : 0.89

A Study on the Activation of SW Security Test through Crowdsourcing

ABSTRACT

KEYWORDS

Citation status

* References for papers published after 2023 are currently being built.

Journal of Knowledge Information Technology and Systems 2023 KCI Impact Factor : 0.89

A Study on the Activation of SW Security Test through Crowdsourcing

ABSTRACT

KEYWORDS

Statistics

Tools

Issue List

Citation status

KCI Citation Counts (0)

REFERENCES (18) * References for papers published after 2023 are currently being built.

Search PDF

Citation

* References for papers published after 2023 are currently being built.