Title :
Automatic Model Inference of Web Applications for Security Testing
Author :
Hossen, Karim ; Groz, Roland ; Oriat, Catherine ; Richier, Jean-Luc
Author_Institution :
Univ. of Grenoble, Grenoble, France
fDate :
March 31 2014-April 4 2014
Abstract :
In the Internet of services (IoS), web applications are the most common way to provide resources to the users. The complexity of these applications grew up with the number of different development techniques and technologies used. Model-based testing (MBT) has proved its efficiency in software testing but retrieving the corresponding model of an application is still a complex task. In this paper, we propose an automatic and vulnerability-driven model inference approach to model the relevant aspects of a web applications by combining deep web crawling and model inference based on input sequences.
Keywords :
Internet; data flow analysis; inference mechanisms; program testing; security of data; Internet of services; IoS; MBT; Web applications; automatic model inference approach; deep Web crawling; input sequences; model-based testing; security testing; software testing; vulnerability-driven model inference approach; Automata; Conferences; Inference algorithms; Machine learning algorithms; Modeling; Security; Testing; Control Flow Inference; Data-Flow Inference; Reverse-Engineering; Security; Web Application;
Conference_Titel :
Software Testing, Verification and Validation Workshops (ICSTW), 2014 IEEE Seventh International Conference on
Conference_Location :
Cleveland, OH
DOI :
10.1109/ICSTW.2014.47
