Vittalkumar Mirajkar, McAfee India
Sneha Mirajkar, Cisco Systems India
Narayan Naik, McAfee India
Performance testing is an indispensable part of testing life cycle. In Endpoint Products, it is one of the key requirements to be met. Traditional performance testing scope has been around measuring response time for a specific action ex: measure system start-up time, system shutdown time, with web services, its request and response times.
This form of traditional performance testing alone is no longer sufficient but needs to expand further to cover optimal resource utilization for a given specific action. This is to evolve beyond action & response time measurement.
Any software, either an Endpoint Product or web services, all are still software’s which are vulnerable to security flaws, design flaws which make them sluggish and meeting performance benchmarks applies to them more than any other products. Endpoint Software and Webservices are equally vulnerable to DOS attack as well as over resource utilization problems.
In this paper, we discuss how we design resource utilization tests, which are essentially extended performance tests, also used to uncover design flaws, Denial Of Service attack entry points. We have effectively used this technique to explorers how better-designed test case for resource utilization, can aid in uncovering performance bottlenecks and also security vulnerability, Denial of Service Attack entry points. The end results of this testing were not only fixing performance issues but also and making design changes, making the overall product robust to such attacks. This method of testing is applicable to any product. Test case effectiveness of the tests designed not only help uncover performance issues but also identify potential vulnerabilities.
Vittalkumar Mirajkar, Sneha Mirajkar, Narayan Naik, 2018 Technical Presentation, Abstract, Paper, Slides