Title :
Automation of detection of security vulnerabilities in web services using dynamic analysis
Author :
Kumar, Rahul ; Indraveni, K. ; Goel, Aakash Kumar
Author_Institution :
CDAC, Hyderabad, India
Abstract :
The usage of XML in maintaining data over the Web communications has lead to new ways of exploitation which are dangerous for the data integrity yet can be remediated on the basis of the vulnerability classification. The approach is reserved for the research scope of unchangeable dynamic vulnerabilities with the help of WSDL Enumeration and automation script for detection of the vulnerabilities on analysis of the SOAP Request and Response saved in XML Format with different payloads.
Keywords :
Web services; XML; data integrity; security of data; SOAP request model; SOAP response model; WSDL enumeration; Web communications; Web services; XML format; automatic security vulnerability detection; automation script; data integrity; data maintenance; dynamic analysis; unchangeable dynamic vulnerabilities; vulnerability classification; Automation; Payloads; Security; Simple object access protocol; Testing; XML; Attack; Automation; Dynamic Analysis; Enumeration; Payload; Response; SOAP Request; Security; Testing; Vulnerability; WSDL; Web Service; XML;
Conference_Titel :
Internet Technology and Secured Transactions (ICITST), 2014 9th International Conference for
Conference_Location :
London
DOI :
10.1109/ICITST.2014.7038832
