Title :
Web Application Model Recovery for User Input Validation Testing
Author :
Nuo Li ; Ji Wu ; Mao-zhong Jin ; Chao Liu
Author_Institution :
Beihang Univ., Beijing
Abstract :
The invalidated input is one of the most critical web application security flaws. However, testing the user input validation function is an intellectual and labor intensive task. We are developing a model driven framework to help testers to accomplish this job in visual view with guidance. This paper reports our on-going work. A meta-model of Web application for user input validation testing is defined. Based on the meta-model, by analyzing HTML files, a light weight method is given to create the model. Our evaluation shows that the proposed method can comprehensively model Web applications, and accurately identify the purpose of input points, which are very important for the test case generation in the future.
Keywords :
Internet; hypermedia markup languages; program testing; program verification; system recovery; HTML; Web application model recovery; meta model; test case generation; user input validation testing; Application software; Chaos; Computer science; Data security; HTML; National security; Project management; Software engineering; Software testing; System testing;
Conference_Titel :
Software Engineering Advances, 2007. ICSEA 2007. International Conference on
Conference_Location :
Cap Esterel
Print_ISBN :
0-7695-2937-2
Electronic_ISBN :
978-0-7695-2937-0
DOI :
10.1109/ICSEA.2007.86
