Detection and Mitigation of Web Application Vulnerabilities Based on Security Testing - Archive ouverte HAL Access content directly
Conference Papers Year : 2012

Detection and Mitigation of Web Application Vulnerabilities Based on Security Testing

(1) , (2) , (2) , (3) , (1)
1
2
3
Taeseung Lee
  • Function : Author
  • PersonId : 1011292
Giyoun Won
  • Function : Author
  • PersonId : 1011293
Seongje Cho
  • Function : Author
  • PersonId : 1011294
Namje Park
  • Function : Author
  • PersonId : 1011229
Dongho Won
  • Function : Author
  • PersonId : 1011295

Abstract

The paper proposes a security testing technique to detect known vulnerabilities of web applications using both static and dynamic analysis. We also present a process to improve the security of web applications by mitigating many of the vulnerabilities revealed in the testing phase, and address a new method for detecting unknown vulnerabilities by applying dynamic black-box testing based on a fuzzing technique. The fuzzing technique includes a structured fuzzing strategy that considers the input data format as well as misuse case generation to enhance the detection rate compared to general fuzzing techniques.
Fichier principal
Vignette du fichier
978-3-642-35606-3_16_Chapter.pdf (275.16 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01551360 , version 1 (30-06-2017)

Licence

Attribution - CC BY 4.0

Identifiers

Cite

Taeseung Lee, Giyoun Won, Seongje Cho, Namje Park, Dongho Won. Detection and Mitigation of Web Application Vulnerabilities Based on Security Testing. 9th International Conference on Network and Parallel Computing (NPC), Sep 2012, Gwangju, South Korea. pp.138-144, ⟨10.1007/978-3-642-35606-3_16⟩. ⟨hal-01551360⟩
88 View
446 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More