Skip to Main content Skip to Navigation
Conference papers

Model Inference and Security Testing in the SPaCIoS Project

Abstract : The SPaCIoS project has as goal the validation and testing of security properties of services and web applications. It proposes a methodology and tool collection centered around models described in a dedicated specification language, supporting model inference, mutation-based testing, and model checking. The project has developed two approaches to reverse engineer models from implementations. One is based on remote interaction (typically through an HTTP connection) to observe the runtime behaviour and infer a model in black-box mode. The other is based on analysis of application code when available. This paper presents the reverse engineering parts of the project, along with an illustration of how vulnerabilities can be found with various SPaCIoS tool components on a typical security benchmark.
Document type :
Conference papers
Complete list of metadata

https://hal.inria.fr/hal-00976110
Contributor : Catherine Oriat <>
Submitted on : Wednesday, April 9, 2014 - 4:20:01 PM
Last modification on : Tuesday, December 8, 2020 - 10:18:09 AM

Identifiers

  • HAL Id : hal-00976110, version 1

Collections

Citation

Matthias Büchler, Karim Hossen, Petru Florin Mihancea, Marius Minea, Roland Groz, et al.. Model Inference and Security Testing in the SPaCIoS Project. IEEE Working Conference on Reverse Engineering, CSMR-WCRE 2014, 2014, Antwerp, Belgium. pp.411-414. ⟨hal-00976110⟩

Share

Metrics

Record views

534