Title :
An Automated Approach to Generate Web Applications Attack Scenarios
Author :
Alata, E. ; Kaaniche, M. ; Nicomette, V. ; Akrout, R.
Author_Institution :
LAAS, Toulouse, France
Abstract :
Web applications have become one of the most popular targets of attacks during the last years. Therefore it is important to identify the vulnerabilities of such applications and to remove them to prevent potential attacks. This paper presents an approach that is aimed at the vulnerability assessment of Web applications following a black-box approach. The objective is to detect vulnerabilities in Web applications and their dependencies and to generate attack scenarios that reflect such dependencies. Our approach aims to move a step forward toward the automation of this process. The paper presents the main concepts behind the proposed approach and an example that illustrates the main steps of the algorithm leading to the identification of the vulnerabilities of a Web application and their dependencies.
Keywords :
Internet; security of data; Web application attack scenario; black-box approach; vulnerability assessment; Algorithm design and analysis; Buildings; HTML; Navigation; Security; Uniform resource locators; Security; vulnerability detection algorithm; vulnerability scanner;
Conference_Titel :
Dependable Computing (LADC), 2013 Sixth Latin-American Symposium on
Conference_Location :
Rio de Janeiro
Print_ISBN :
978-1-4673-5746-3
DOI :
10.1109/LADC.2013.22
