مرکز منطقه ای اطلاع رساني علوم و فناوري - JMODEX: Model extraction for verifying security properties of web applications

DocumentCode :

251926

Title :

JMODEX: Model extraction for verifying security properties of web applications

Author :

Mihancea, P.F. ; Minea, Marius

Author_Institution :

LOOSE Res. Group, Politeh. Univ. of Timisoara, Timisoara, Romania

fYear :

2014

fDate :

3-6 Feb. 2014

Firstpage :

450

Lastpage :

453

Abstract :

Detecting security vulnerabilities in web applications is an important task before taking them on-line. We present JMODEX, a tool that analyzes the code of web applications to extract behavioral models. The security properties of these models can then be verified with a model checker. An initial evaluation, in which a confirmed security flaw is identified using a model extracted by JMODEX, shows the tool potential.

Keywords :

Internet; formal verification; security of data; JMODEX; Web application; model checker; model extraction; security flaw; security vulnerability; Analytical models; Automata; Buildings; Java; Libraries; Radiation detectors; Security;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Software Maintenance, Reengineering and Reverse Engineering (CSMR-WCRE), 2014 Software Evolution Week - IEEE Conference on

Conference_Location :

Antwerp

Type :

conf

DOI :

10.1109/CSMR-WCRE.2014.6747216

Filename :

6747216

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=251926