Detection and Mitigation of Web Application Vulnerabilities Based on Security Testing

Abstract: The paper proposes a security testing technique to detect known vulnerabilities of web applications using both static and dynamic analysis. We also present a process to improve the security of web applications by mitigating many of the vulnerabilities revealed in the testing phase, and address a new method for detecting unknown vulnerabilities by applying dynamic black-box testing based on a fuzzing technique. The fuzzing technique includes a structured fuzzing strategy that considers the input data format as well as misuse case generation to enhance the detection rate compared to general fuzzing techniques.
Document type:
Conference paper
James J. Park; Albert Zomaya; Sang-Soo Yeo; Sartaj Sahni. 9th International Conference on Network and Parallel Computing (NPC), Sep 2012, Gwangju, South Korea. Springer, Lecture Notes in Computer Science, LNCS-7513, pp.138-144, 2012, Network and Parallel Computing. 〈10.1007/978-3-642-35606-3_16〉

Cited literature [13 references]

https://hal.inria.fr/hal-01551360
Contributor: Hal Ifip
Submitted on: Friday, June 30, 2017 - 10:36:09
Last modified on: Friday, December 1, 2017 - 01:09:56

File

978-3-642-35606-3_16_Chapter.p...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Taeseung Lee, Giyoun Won, Seongje Cho, Namje Park, Dongho Won. Detection and Mitigation of Web Application Vulnerabilities Based on Security Testing. James J. Park; Albert Zomaya; Sang-Soo Yeo; Sartaj Sahni. 9th International Conference on Network and Parallel Computing (NPC), Sep 2012, Gwangju, South Korea. Springer, Lecture Notes in Computer Science, LNCS-7513, pp.138-144, 2012, Network and Parallel Computing. 〈10.1007/978-3-642-35606-3_16〉. 〈hal-01551360〉
