Penetration Testing for Web Services

被引:14
|
作者
Antunes, Nuno [1 ]
Vieira, Marco [1 ]
机构
[1] Univ Coimbra, Dept Informat Engn, P-3000 Coimbra, Portugal
来源
COMPUTER | 2014年 / 47卷 / 02期
关键词
code vulnerabilities; command injection; penetration testing; SQL injection; vulnerability detection; Web security scanners; Web services;
D O I
10.1109/MC.2013.409
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Web services are often deployed with critical software security faults that open them to malicious attack. Penetration testing using commercially available automated tools can help avoid such faults, but new analysis of several popular testing tools reveals significant failings in their performance.
引用
收藏
页码:30 / 36
页数:7
相关论文
共 50 条
  • [21] Mutation Based Testing of Web Services
    da Silva Solino, Andre Luiz
    Vergilio, Silvia Regina
    LATW: 2009 10TH LATIN AMERICAN TEST WORKSHOP, 2009, : 135 - 140
  • [22] Robustness Testing of Web Services Composition
    Rabhi, Issam
    2012 IEEE 14TH INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS & 2012 IEEE 9TH INTERNATIONAL CONFERENCE ON EMBEDDED SOFTWARE AND SYSTEMS (HPCC-ICESS), 2012, : 631 - 638
  • [23] Automatic conformance testing of Web services
    Heckel, R
    Mariani, L
    FUNDAMENTAL APPROACHES TO SOFTWARE ENGINEERING, PROCEEDINGS, 2005, 3442 : 34 - 48
  • [24] Testing web services using progressive group testing
    Tsai, WT
    Chen, YO
    Cao, ZB
    Bai, XY
    Huang, H
    Paul, R
    CONTENT COMPUTING, PROCEEDINGS, 2004, 3309 : 314 - 322
  • [25] Fault-based Web Services testing
    Hanna, Samer
    Munro, Malcolm
    PROCEEDINGS OF THE FIFTH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY: NEW GENERATIONS, 2008, : 471 - 476
  • [26] Automated testing and response analysis of web services
    Martin, Evan
    Basu, Suranjana
    Xie, Tao
    2007 IEEE INTERNATIONAL CONFERENCE ON WEB SERVICES, PROCEEDINGS, 2007, : 647 - +
  • [27] Specifications for Web Services testing: A Systematic Review
    Nabil, El Ioini
    2015 IEEE World Congress on Services, 2015, : 152 - 159
  • [28] Exploring perturbation based testing for Web Services
    de Almeida, Lourival F.
    Vergilio, Silvia R.
    ICWS 2006: IEEE INTERNATIONAL CONFERENCE ON WEB SERVICES, PROCEEDINGS, 2006, : 717 - +
  • [29] Web services interoperability testing based on ontology
    Yu, Y
    Huang, N
    Ye, M
    FIFTH INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION TECHNOLOGY - PROCEEDINGS, 2005, : 1075 - 1079
  • [30] Bootstrapping Automated Testing for RESTful Web Services
    Chen, Yixiong
    Yang, Yang
    Lei, Zhanyao
    Xia, Mingyuan
    Qi, Zhengwei
    FUNDAMENTAL APPROACHES TO SOFTWARE ENGINEERING (FASE 2021), 2021, 12649 : 46 - 66
12345