Penetration Testing for Web Services

被引:14
作者
Antunes, Nuno [1 ]
Vieira, Marco [1 ]
机构
[1] Univ Coimbra, Dept Informat Engn, P-3000 Coimbra, Portugal
来源
COMPUTER | 2014年 / 47卷 / 02期
关键词
code vulnerabilities; command injection; penetration testing; SQL injection; vulnerability detection; Web security scanners; Web services;
D O I
10.1109/MC.2013.409
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Web services are often deployed with critical software security faults that open them to malicious attack. Penetration testing using commercially available automated tools can help avoid such faults, but new analysis of several popular testing tools reveals significant failings in their performance.
引用
收藏
页码:30 / 36
页数:7
相关论文
共 50 条
  • [21] <bold>WSDLTest </bold> A Tool for Testing Web Services
    Sneed, Harry M.
    Huang, Shihong
    PROCEEDINGS OF THE EIGHTH IEEE INTERNATIONAL SYMPOSIUM ON WEB SITE EVOLUTION, 2006, : 14 - +
  • [22] Monic Testing of Web Services Based on Algebraic Specifications
    Liu, Dongmei
    Wu, Xian
    Zhang, Xin
    Zhu, Hong
    Bayley, Ian
    PROCEEDINGS 2016 IEEE SYMPOSIUM ON SERVICE-ORIENTED SYSTEM ENGINEERING SOSE 2016, 2016, : 24 - 33
  • [23] Improving data perturbation testing techniques for Web services
    de Melo, Ana C. V.
    Silveira, Paulo
    INFORMATION SCIENCES, 2011, 181 (03) : 600 - 619
  • [24] A Selective Regression Testing Approach for Composite Web Services
    Buck, Paul
    Shi, Qi
    MacDermott, Aine
    PROCEEDINGS 2015 INTERNATIONAL CONFERENCE ON DEVELOPMENTS IN ESYSTEMS ENGINEERING DESE 2015, 2015, : 97 - 101
  • [25] Automated UML models merging for web services testing
    Pretre, Vincent
    de Kermadec, Adrien
    Bouquet, Fabrice
    Lang, Christophe
    Dadeau, Frederic
    INTERNATIONAL JOURNAL OF WEB AND GRID SERVICES, 2009, 5 (02) : 107 - 129
  • [26] Design and Implementation of Performance Testing Model for Web Services
    Guo, Xiao-yang
    Chen, Ying-hui
    Qiu, Xue-song
    Tang, Fan
    2010 2ND INTERNATIONAL ASIA CONFERENCE ON INFORMATICS IN CONTROL, AUTOMATION AND ROBOTICS (CAR 2010), VOL 1, 2010, : 353 - 356
  • [27] Towards Contract-based Testing of Web Services
    Heckel, Reiko
    Lohmann, Marc
    ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2005, 116 : 145 - 156
  • [28] Interoperability testing of Web Services for e-learning
    Polini, A.
    ELEKTROTECHNIK UND INFORMATIONSTECHNIK, 2005, 122 (12): : 495 - 497
  • [29] Automated Testing of Web Services Based on Algebraic Specifications
    Liu, Dongmei
    Liu, Yuxin
    Zhang, Xin
    Zhu, Hong
    Bayley, Ian
    9TH IEEE INTERNATIONAL SYMPOSIUM ON SERVICE-ORIENTED SYSTEM ENGINEERING (SOSE 2015), 2015, : 143 - 152
  • [30] A Fault Injection Tool for Testing Web Services Composition
    Bessayah, Faycal
    Cavalli, Ana
    Maja, Willian
    Martins, Eliane
    Valenti, Andre Willik
    TESTING - PRACTICE AND RESEARCH TECHNIQUES, 2010, 6303 : 137 - +
12345