• DocumentCode
    609945
  • Title

    An Automated Approach to Generate Web Applications Attack Scenarios

  • Author

    Alata, E. ; Kaaniche, M. ; Nicomette, V. ; Akrout, R.

  • Author_Institution
    LAAS, Toulouse, France
  • fYear
    2013
  • fDate
    1-5 April 2013
  • Firstpage
    78
  • Lastpage
    85
  • Abstract
    Web applications have become one of the most popular targets of attacks during the last years. Therefore it is important to identify the vulnerabilities of such applications and to remove them to prevent potential attacks. This paper presents an approach that is aimed at the vulnerability assessment of Web applications following a black-box approach. The objective is to detect vulnerabilities in Web applications and their dependencies and to generate attack scenarios that reflect such dependencies. Our approach aims to move a step forward toward the automation of this process. The paper presents the main concepts behind the proposed approach and an example that illustrates the main steps of the algorithm leading to the identification of the vulnerabilities of a Web application and their dependencies.
  • Keywords
    Internet; security of data; Web application attack scenario; black-box approach; vulnerability assessment; Algorithm design and analysis; Buildings; HTML; Navigation; Security; Uniform resource locators; Security; vulnerability detection algorithm; vulnerability scanner;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Dependable Computing (LADC), 2013 Sixth Latin-American Symposium on
  • Conference_Location
    Rio de Janeiro
  • Print_ISBN
    978-1-4673-5746-3
  • Type

    conf

  • DOI
    10.1109/LADC.2013.22
  • Filename
    6542608
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=609945