Software Security Testing of Web Applications Based on SSD

Cited by: 0
Authors
Hui, Zhanwei [1 ]
Huang, Song [1 ]
Affiliations
[1] PLA Univ Sci & Technol, Inst Comman Automat, PLA Software Test & Evaluat Ctr Mil Training, Nanjing, Jiangsu, Peoples R China
Keywords
Software security test; Function test; Vulnerability; Software security defect; Defect behavior;
DOI
Not available
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Subject classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Due to the increasing complexity of Web applications, traditional function security testing, which only tests and validates software security mechanisms, is becoming ineffective at detecting latent software security defects (SSD). The number of reported web application vulnerabilities is increasing dramatically. However, most vulnerabilities result from some typical SSD. Based on SSD, this paper presents an effective software security testing (SST) model, which extends the traditional security testing process to defect behavior analysis and incorporates the advantages of the traditional testing method and the SSD-based security testing methodology. Primary applications show the effectiveness of our test model.
Pages: 527 - 534
Page count: 8
Related papers
50 in total
  • [21] Towards continuous security certification of Software-as-a-Service applications using web application testing techniques
    Stephanow, Philipp
    Khajehmoogahi, Koosha
    2017 IEEE 31ST INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS (AINA), 2017, : 931 - 938
  • [22] Security testing of web applications: A systematic mapping of the literature
    Aydos, Murat
    Aldan, Cigdem
    Coskun, Evren
    Soydan, Alperen
    JOURNAL OF KING SAUD UNIVERSITY-COMPUTER AND INFORMATION SCIENCES, 2022, 34 (09) : 6775 - 6792
  • [23] Ontology-driven Security Testing of Web Applications
    Bozic, Josip
    Li, Yihao
    Wotawa, Franz
    2020 IEEE INTERNATIONAL CONFERENCE ON ARTIFICIAL INTELLIGENCE TESTING (AITEST), 2020, : 115 - 122
  • [24] Automatic Model Inference of Web Applications for Security Testing
    Hossen, Karim
    Groz, Roland
    Oriat, Catherine
    Richier, Jean-Luc
    2014 SEVENTH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION WORKSHOPS (ICSTW 2014), 2014, : 22 - 23
  • [25] Coverage Criteria for Automatic Security Testing of Web Applications
    Dao, Thanh Binh
    Shibayama, Etsuya
    INFORMATION SYSTEMS SECURITY, 2010, 6503 : 111 - +
  • [26] Vulnerability Coverage Criteria for Security Testing of Web Applications
    Murthy, P. V. R.
    Shilpa, R. G.
    2018 INTERNATIONAL CONFERENCE ON ADVANCES IN COMPUTING, COMMUNICATIONS AND INFORMATICS (ICACCI), 2018, : 489 - 494
  • [27] Security testing for web applications: A Systematic Literature Review
    Dominguez-Garcia, Antonio de Jesus
    Limon, Xavier
    Ocharan-Hernandez, Jorge Octavio
    Perez-Arriaga, Juan Carlos
    2023 11TH INTERNATIONAL CONFERENCE IN SOFTWARE ENGINEERING RESEARCH AND INNOVATION, CONISOFT 2023, 2023, : 82 - 91
  • [28] Study of Risk Based on Web Software Testing
    Xin, Wang
    INTERNATIONAL CONFERENCE ON GRAPHIC AND IMAGE PROCESSING (ICGIP 2012), 2013, 8768
  • [29] Research on software testing to ensure web application Usability, Reliability and Security
    He Cheng
    Liu Yanfei
    MODERN TECHNOLOGIES IN MATERIALS, MECHANICS AND INTELLIGENT SYSTEMS, 2014, 1049 : 1972 - 1976
  • [30] Testing for software security
    Thompson, HH
    Whittaker, JA
    DR DOBBS JOURNAL, 2002, 27 (11): : 24 - +