Detection and Mitigation of Web Application Vulnerabilities Based on Security Testing

Abstract: The paper proposes a security testing technique to detect known vulnerabilities of web applications using both static and dynamic analysis. We also present a process to improve the security of web applications by mitigating many of the vulnerabilities revealed in the testing phase, and address a new method for detecting unknown vulnerabilities by applying dynamic black-box testing based on a fuzzing technique. The fuzzing technique includes a structured fuzzing strategy that considers the input data format as well as misuse case generation to enhance the detection rate compared to general fuzzing techniques.
Document type: Conference papers

Cited literature [11 references]

https://hal.inria.fr/hal-01551360
Contributor: Hal Ifip
Submitted on: Friday, June 30, 2017 - 10:36:09 AM
Last modification on: Friday, June 28, 2019 - 2:02:06 PM
Long-term archiving on: Monday, January 22, 2018 - 8:59:42 PM

File

978-3-642-35606-3_16_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Taeseung Lee, Giyoun Won, Seongje Cho, Namje Park, Dongho Won. Detection and Mitigation of Web Application Vulnerabilities Based on Security Testing. 9th International Conference on Network and Parallel Computing (NPC), Sep 2012, Gwangju, South Korea. pp.138-144, ⟨10.1007/978-3-642-35606-3_16⟩. ⟨hal-01551360⟩
