Software Security Testing of Web Applications Based on SSD

Cited by: 0
Authors
Hui, Zhanwei [1]
Huang, Song [1]
Affiliations
[1] PLA Univ Sci & Technol, Inst Comman Automat, PLA Software Test & Evaluat Ctr Mil Training, Nanjing, Jiangsu, Peoples R China
Keywords
Software security test; Function test; Vulnerability; Software security defect; Defect behavior;
DOI
Not available
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Due to the increasing complexity of Web applications, traditional function security testing, which only tests and validates software security mechanisms, is becoming ineffective at detecting latent software security defects (SSD). The number of reported Web application vulnerabilities is increasing dramatically. However, most of these vulnerabilities result from some typical SSDs. Based on SSD, this paper presents an effective software security testing (SST) model, which extends the traditional security testing process to defect behavior analysis and incorporates the advantages of both the traditional testing method and the SSD-based security testing methodology. Primary applications show the effectiveness of our test model.
Pages: 527-534
Page count: 8