• DocumentCode
    147880
  • Title

    Automatic Model Inference of Web Applications for Security Testing

  • Author

    Hossen, Karim ; Groz, Roland ; Oriat, Catherine ; Richier, Jean-Luc

  • Author_Institution
    Univ. of Grenoble, Grenoble, France
  • fYear
    2014
  • fDate
    March 31 2014-April 4 2014
  • Firstpage
    22
  • Lastpage
    23
  • Abstract
    In the Internet of services (IoS), web applications are the most common way to provide resources to the users. The complexity of these applications grew up with the number of different development techniques and technologies used. Model-based testing (MBT) has proved its efficiency in software testing but retrieving the corresponding model of an application is still a complex task. In this paper, we propose an automatic and vulnerability-driven model inference approach to model the relevant aspects of a web applications by combining deep web crawling and model inference based on input sequences.
  • Keywords
    Internet; data flow analysis; inference mechanisms; program testing; security of data; Internet of services; IoS; MBT; Web applications; automatic model inference approach; deep Web crawling; input sequences; model-based testing; security testing; software testing; vulnerability-driven model inference approach; Automata; Conferences; Inference algorithms; Machine learning algorithms; Modeling; Security; Testing; Control Flow Inference; Data-Flow Inference; Reverse-Engineering; Security; Web Application;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Testing, Verification and Validation Workshops (ICSTW), 2014 IEEE Seventh International Conference on
  • Conference_Location
    Cleveland, OH
  • Type

    conf

  • DOI
    10.1109/ICSTW.2014.47
  • Filename
    6825633
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=147880