Penetration Testing for Web Services

被引:14
作者
Antunes, Nuno [1 ]
Vieira, Marco [1 ]
机构
[1] Univ Coimbra, Dept Informat Engn, P-3000 Coimbra, Portugal
来源
COMPUTER | 2014年 / 47卷 / 02期
关键词
code vulnerabilities; command injection; penetration testing; SQL injection; vulnerability detection; Web security scanners; Web services;
D O I
10.1109/MC.2013.409
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Web services are often deployed with critical software security faults that open them to malicious attack. Penetration testing using commercially available automated tools can help avoid such faults, but new analysis of several popular testing tools reveals significant failings in their performance.
引用
收藏
页码:30 / 36
页数:7
相关论文
共 50 条
  • [1] Comparing the Effectiveness of Penetration Testing and Static Code Analysis on the Detection of SQL Injection Vulnerabilities in Web Services
    Antunes, Nuno
    Vieira, Marco
    IEEE 15TH PACIFIC RIM INTERNATIONAL SYMPOSIUM ON DEPENDABLE COMPUTING, PROCEEDINGS, 2009, : 301 - 306
  • [2] A Black-Box Approach to Detect Vulnerabilities in Web Services Using Penetration Testing
    Salas, M. I. P.
    Martins, E.
    IEEE LATIN AMERICA TRANSACTIONS, 2015, 13 (03) : 707 - 712
  • [3] Testing Web Services
    Siblini, Reda
    Mansour, Nashat
    3RD ACS/IEEE INTERNATIONAL CONFERENCE ON COMPUTER SYSTEMS AND APPLICATIONS, 2005, 2005,
  • [4] Testing Web Services in the Cloud
    Sneed, Harry M.
    SOFTWARE QUALITY: INCREASING VALUE IN SOFTWARE AND SYSTEMS DEVELOPMENT, 2013, 133 : 70 - 88
  • [5] Testing Web Services as Agents
    Sloan, John C.
    Khoshgoftaar, Taghi M.
    Folleco, Andres
    14TH ISSAT INTERNATIONAL CONFERENCE ON RELIABILITY AND QUALITY IN DESIGN, PROCEEDINGS, 2008, : 151 - 155
  • [6] Collaborative Testing of Web Services
    Zhu, Hong
    Zhang, Yufeng
    IEEE TRANSACTIONS ON SERVICES COMPUTING, 2012, 5 (01) : 116 - 130
  • [7] Testing web services by XML perturbation
    Xu, Wuzhi
    Offutt, Jeff
    Luo, Juan
    16TH IEEE INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING, PROCEEDINGS, 2005, : 257 - 266
  • [8] An Efficient Performance Testing of Web Services
    Hasnain, Muhammad
    Pasha, Muhammad Fermi
    Ghani, Imran
    Babar, Muhammad Imran
    2019 22ND IEEE INTERNATIONAL MULTI TOPIC CONFERENCE (INMIC), 2019, : 170 - 177
  • [9] A Study on Testing For Web Services Composition
    Rusli, Hazlifah Mohd
    Ibrahim, Suhaimi
    Puteh, Mazidah
    KNOWLEDGE MANAGEMENT AND INNOVATION: A BUSINESS COMPETITIVE EDGE PERSPECTIVE, VOLS 1-3, 2010, : 1547 - +
  • [10] Testing web services using progressive group testing
    Tsai, WT
    Chen, YO
    Cao, ZB
    Bai, XY
    Huang, H
    Paul, R
    CONTENT COMPUTING, PROCEEDINGS, 2004, 3309 : 314 - 322
12345