Associate professor at Yarmouk university, Software engineering department Address: Yarmouk university street
less
Interests
Uploads
Papers by Ahmad A Saifan
Evaluate and Improve GUI Testing Coverage Automatically
International Journal, 2011
Abstract: Evaluating coverage criteria is a core subject in software testing. Coverage can be eva... more Abstract: Evaluating coverage criteria is a core subject in software testing. Coverage can be evaluated based on several concerns such as: code, requirements, syntax, paths, decisions, graph, etc. The focus of this research is in evaluating the Graphical User Interface (GUI) testing coverage. In this research, several GUI model based methods are proposed and evaluated for the goal of automatically testing user interfaces and evaluate the testing coverage. The user interfaces' components of tested applications are collected while ...
Using Formal Methods for Test Case Generation According to Transition-Based Coverage Criteria
Jordanian Journal of Computers and Information Technology, 2015
- Formal methods play an important role in increasing the quality, reliability, robustness and ef... more - Formal methods play an important role in increasing the quality, reliability, robustness and effectiveness of software. Also the uses of formal methods, especially in safety-critical systems, help in the early detection of software errors and failures which will reduce the cost and effort involved in software testing. The aim of this paper is to prove the role and the effectiveness of formal specification for the cruise control system (CCS) as a case study. A CCS formal model is built using Perfect formal specification language, and its correctness is validated using the Perfect Developer toolset. We develop a software testing tool in order to generate test cases using three different algorithms. These test cases are evaluated to improve their coverage and effectiveness. The results show that random test case generation with full restriction algorithm is the best in its coverage results; the average of the path coverage is 77.78% and the average of the state coverage is 100%. Finally, our experimental results show that Perfect formal specification language is appropriate to specify CCS which is one of the most safety-critical software systems, so the process of detecting all future possible cases becomes easier.
Version Control Systems, such as Subversion, are standard repositories that preserve all of the m... more Version Control Systems, such as Subversion, are standard repositories that preserve all of the maintenance changes undertaken to source code artifacts during the evolution of a software system. The documented data of the version history are organized as commits; however, these commits do not keep a tag that would identify the purpose of the relevant undertaken change of a commit, thus, there is rarely enough detail to clearly direct developers to the changes associated with a specific type of maintenance. Objective: This work examines the version histories of an open source system to automatically classify version commits into one of two categories, namely adaptive commits and non-adaptive commits. Method: We collected the commits from the version history of three open source systems, then we obtained eight different code change metrics related to, for example, the number of changed statements, methods, hunks, and files. Based on these change metrics, we built a machine learning approach to classify whether a commit was adaptive or not. Results: It is observed that code change metrics can be indicative of adaptive maintenance activities. Also, the classification findings show that the machine learning classifier developed has approximately 75% prediction accuracy within labeled change histories. Conclusion: The proposed method automates the process of examining the version history of a software system and identifies which commits to the system are related to an adaptive maintenance task. The evaluation of the method supports its applicability and efficiency. Although the evaluation of the proposed classifier on unlabeled change histories shows that it is not much better than the random guessing in terms of F-measure, we feel that our classifier would serve as a better basis for developing advanced classifiers that have predictive power of adaptive commits without the need of manual efforts.
International Journal of Open Source Software & Processes, 2017
Maintainabilityisoneofthemostimportantqualityattributethataffectthequalityofsoftware.There arefou... more Maintainabilityisoneofthemostimportantqualityattributethataffectthequalityofsoftware.There arefourfactorsthataffectthemaintainabilityofsoftwarewhichare:analyzability,changeability, stability, and testability. Open source software (OSS) developed by collaborative work done by volunteersthrougharoundtheworldwithdifferentmanagementstyles.Opensourcecodeisupdated andmodifiedallthetimefromthefirstrelease.Therefore,thereisaneedtomeasurethequalityand specificallythemaintainabilityofsuchcode.Thispaperdiscussesthemaintainabilityforthethree domainsoftheopensourcesoftware.Thedomainsare:education,businessandgame.Moreover,to observethemosteffectivemetricsthatdirectlyaffectsthemaintainabilityofsoftware.Analysisof theresultsdemonstratesthatOSSintheeducationdomainisthemostmaintainablecodeandcl_stat (numberofexecutablestatements)metrichasthehighestdegreeofinfluenceonthecalculationof maintenanceinallthreedomains.
Identifying GDPR Privacy Violations Using an Augmented LSTM: Toward an AI-based Violation Alert Systems
2021 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking (ISPA/BDCloud/SocialCom/SustainCom)
Mobility occurs naturally in many distributed system applications such as telecommunications and ... more Mobility occurs naturally in many distributed system applications such as telecommunications and electronic commerce. Mobility may reduce bandwidth consumption and coupling and increase flexibility. However, it seems that relatively little work has been done to support quality assurance techniques such as testing and verification of mobile systems. This thesis describes an approach for checking the conformance of a mobile, distributed application with respect to an executable model at runtime. The approach is based on kiltera — a novel, high-level language supporting the description and execution of models of concurrent, mobile, distributed, and timed computation. The approach allows distributed, rather than centralized, monitoring. However, it makes very few assumptions about the platform that the mobile agent system is implemented in. We have implemented our approach and validated it using four case studies. Two of them are examples of mobile agent systems, the two others are impl...
This paper provides an overview of Model-Based Testing (MBT) and its activities. A classiflcation... more This paper provides an overview of Model-Based Testing (MBT) and its activities. A classiflcation of MBT based on difierent criteria is also presented. Furthermore, several di‐culties of MBT are highlighted in this paper. A survey that provides a detailed description of how MBT is efiective in testing difierent quality attributes of distributed systems such as security, performance, reliability, and correctness is given. A comparison between difierent MBT tools based on the classiflcation is also given at the end of this paper.
Traceability between code and design documentation in database management system: a case study
Int. Arab J. Inf. Technol., 2018
Traceability builds many strong connections or links between requirements and design, so the main... more Traceability builds many strong connections or links between requirements and design, so the main purpose of traceability is to maintain consistency between a high level conceptual view and a low level implementation view. The purpose of this paper is to have full consistency between all components over all phases in the oracle designer tool by allowing traceability to be carried out not only between the requirements and design but also between the code and design. In this paper, we propose a new methodology to support traceability and completeness checking between code and design of oracle database applications. The new algorithm consists of a set of interrelated steps to initialize the comparison environment. An example of a student information System is used to illustrate the work.
Generating Optimal Attack Paths in Generative Adversarial Phishing
2021 IEEE International Conference on Intelligence and Security Informatics (ISI)
Phishing attacks have witnessed a rapid increase thanks to the matured social engineering techniq... more Phishing attacks have witnessed a rapid increase thanks to the matured social engineering techniques, COVID-19 pandemic, and recently adversarial deep learning techniques. Even though adversarial phishing attacks are recent, attackers are crafting such attacks by considering context, testing different attack paths, then selecting paths that can evade machine learning phishing detectors. This research proposes an approach that generates adversarial phishing attacks by finding optimal subsets of features that lead to higher evasion rate. We used feature engineering techniques such as Recursive Feature Elimination, Lasso, and Cancel Out to generate then test attack vectors that have higher potential to evade phishing detectors. We tested the evasion performance of each technique then classified different evasion tests as passed or failed depending on their evasion rate. Our findings showed that our threat model has better evasion capability compared to the original Generative Adversarial Deep Neural Network (GAN) which perturbs features in a random manner.
Developing dependable distributed multi-agent programs is not an easy task. Even with extensive t... more Developing dependable distributed multi-agent programs is not an easy task. Even with extensive testing and debugging, faults cannot be completely removed. However, many distributed multi-agent programs, especially those employed in safety critical environments, should be able to function properly even in the presence of software faults. Monitoring the execution of a distributed multi-agent program, detecting failures, and reacting to these failures at runtime is the appropriate way to tolerate these failures. In this paper, we have designed and implemented a framework for monitoring the execution of distributed multi-agent programs. The proposed framework extends the Java Agent DEvelopment framework (JADE) allowing agent programmers to monitor global states, to detect the occurrence of certain events and to react to these events at runtime. An example of monitoring a distributed multi-agent program has been presented to demonstrate the effectiveness of the proposed framework.
International Journal of Advanced Computer Science and Applications, 2016
Regression testing is a safeguarding procedure to validate and verify adapted software, and guara... more Regression testing is a safeguarding procedure to validate and verify adapted software, and guarantee that no errors have emerged. However, regression testing is very costly when testers need to re-execute all the test cases against the modified software. This paper proposes a new approach in regression test selection domain. The approach is based on metamodels (test models and structured models) to decrease the number of test cases to be used in the regression testing process. The approach has been evaluated using three Java applications. To measure the effectiveness of the proposed approach, we compare the results using the re-test to all approaches. The results have shown that our approach reduces the size of test suite without negative impact on the effectiveness of the fault detection.
Software testing is the primary approach that is used to test and evaluate software under develop... more Software testing is the primary approach that is used to test and evaluate software under development. The main goal of testing is to find defects before customers find them out. It is very costly. Therefore, reducing the cost of the test is a big challenge. This paper aims at reducing the cost of the test by eliminating the redundant test cases. Our methodology begins with generating the test cases randomly. The Procedural Language/Structured Query Language (PL/SQL) tool is used to generate test cases from the payroll system database functions. The SPSS software package is used to apply the K-means Clustering algorithm to reduce the test cases. The results reveal that the proposed approach significantly reduces the number of test cases from 776 to 240 while keeping the same coverage.
Privacy preserving defect prediction using generalization and entropy-based data reduction
Intelligent Data Analysis
The software engineering community produces data that can be analyzed to enhance the quality of f... more The software engineering community produces data that can be analyzed to enhance the quality of future software products, and data regarding software defects can be used by data scientists to create defect predictors. However, sharing such data raises privacy concerns, since sensitive software features are usually considered as business assets that should be protected in accordance with the law. Early research efforts on protecting the privacy of software data found that applying conventional data anonymization to mask sensitive attributes of software features degrades the quality of the shared data. In addition, data produced by such approaches is not immune to attacks such as inference and background knowledge attacks. This research proposes a new approach to share protected release of software defects data that can still be used in data science algorithms. We created a generalization (clustering)-based approach to anonymize sensitive software attributes. Tomek link and AllNN data...
ECTI Transactions on Computer and Information Technology (ECTI-CIT)
Two primary issues have emerged in the machine learning and data mining community: how to deal wi... more Two primary issues have emerged in the machine learning and data mining community: how to deal with imbalanced data and how to choose appropriate features. These are of particular concern in the software engineering domain, and more specifically the field of software defect prediction. This research highlights a procedure which includes a feature selection technique to single out relevant attributes, and an ensemble technique to handle the class-imbalance issue. In order to determine the advantages of feature selection and ensemble methods we look at two potential scenarios: (1) Ensemble models constructed from the original datasets, without feature selection; (2) Ensemble models constructed from the reduced datasets after feature selection has been applied. Four feature selection techniques are employed: Principal Component Analysis (PCA), Pearson’s correlation, Greedy Stepwise Forward selection, and Information Gain (IG). The aim of this research is to assess the effectiveness of ...
Mutation Testing for Evaluating PHP Web Applications
International Journal of Software Innovation
Web applications provide services to hundreds of billions of people over the world, so they shoul... more Web applications provide services to hundreds of billions of people over the world, so they should be tested, to insure their validity. In this article, we are investigating the ability of testing web application based on traditional mutation testing. To perform this test, we have defined 54 mutation operators, classified into six categories: SQL data retrieving, data manipulation; domain name and IP address look up; internet protocol and service information; HTTP; connection to server and to database. The test was applied to websites that are built using PHP programming for two reasons. The majority of websites nowadays are built using ASP.net or PHP and most of the testing efforts that have been applied on web applications were using the Java programming language. We have implemented a prototype tool called μWebPHP for automatically generating mutants for PHP web applications based on the identified mutation operators. We report preliminary results that show that mutation testing ...
Evaluating Maintainability of Open Source Software
International Journal of Open Source Software and Processes
Maintainability is one of the most important quality attribute that affect the quality of softwar... more Maintainability is one of the most important quality attribute that affect the quality of software. There are four factors that affect the maintainability of software which are: analyzability, changeability, stability, and testability. Open source software (OSS) developed by collaborative work done by volunteers through around the world with different management styles. Open source code is updated and modified all the time from the first release. Therefore, there is a need to measure the quality and specifically the maintainability of such code. This paper discusses the maintainability for the three domains of the open source software. The domains are: education, business and game. Moreover, to observe the most effective metrics that directly affects the maintainability of software. Analysis of the results demonstrates that OSS in the education domain is the most maintainable code and cl_stat (number of executable statements) metric has the highest degree of influence on the calcula...
Uploads
Papers by Ahmad A Saifan