DocumentCode :
2089715
Title :
XSS Vulnerability Detection Using Model Inference Assisted Evolutionary Fuzzing
Author :
Duchene, Fabien ; Groz, Roland ; Rawat, Sanjay ; Richier, Jean-Luc
Author_Institution :
Lab. d´´Inf. de Grenoble, UJF-Grenoble 1, Grenoble, France
fYear :
2012
fDate :
17-21 April 2012
Firstpage :
815
Lastpage :
817
Abstract :
We present an approach to detect web injection vulnerabilities by generating test inputs using a combination of model inference and evolutionary fuzzing. Model inference is used to obtain a knowledge about the application behavior. Based on this understanding, inputs are generated using genetic algorithm (GA). GA uses the learned formal model to automatically generate inputs with better fitness values towards triggering an instance of the given vulnerability.
Keywords :
Internet; fuzzy set theory; genetic algorithms; program testing; security of data; Web injection vulnerability detection; application behavior; cross site scripting vulnerability detection; genetic algorithm; model inference assisted evolutionary fuzzing; test input generation; Conferences; Genetic algorithms; Grammar; HTML; Production; Security; Testing; Black-Box Security Testing; Genetic Algorithm; Model Based Fuzzing; Model Inference; Test Automation;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Software Testing, Verification and Validation (ICST), 2012 IEEE Fifth International Conference on
Conference_Location :
Montreal, QC
Print_ISBN :
978-1-4577-1906-6
Type :
conf
DOI :
10.1109/ICST.2012.181
Filename :
6200193
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2089715
بازگشت