Penetration Testing for Web Services

被引:14
|
作者
Antunes, Nuno [1 ]
Vieira, Marco [1 ]
机构
[1] Univ Coimbra, Dept Informat Engn, P-3000 Coimbra, Portugal
来源
COMPUTER | 2014年 / 47卷 / 02期
关键词
code vulnerabilities; command injection; penetration testing; SQL injection; vulnerability detection; Web security scanners; Web services;
D O I
10.1109/MC.2013.409
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Web services are often deployed with critical software security faults that open them to malicious attack. Penetration testing using commercially available automated tools can help avoid such faults, but new analysis of several popular testing tools reveals significant failings in their performance.
引用
收藏
页码:30 / 36
页数:7
相关论文
共 50 条
  • [41] WebSob: A tool for robustness testing of web services
    Martin, Evan
    Basu, Suranjana
    Xie, Tao
    29TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: ICSE 2007 COMPANION VOLUME, PROCEEDINGS, 2007, : 65 - +
  • [42] Platform effect on web services robustness testing
    Hanna S.
    AbuAli A.
    Journal of Applied Sciences, 2011, 11 (02) : 360 - 366
  • [43] Web Services Testing via Goal and Mutation
    Jokhio, M. Shaban
    Dobbie, Gillian
    Sun, Jing
    Hu, Tianming
    2013 18TH INTERNATIONAL CONFERENCE ON ENGINEERING OF COMPLEX COMPUTER SYSTEMS (ICECCS), 2013, : 159 - 162
  • [44] Automated Regression Suite for Testing Web Services
    Kumar, Ashok S.
    Kumar, Golcul Prem
    Dhawan, Ankur
    2009 INTERNATIONAL CONFERENCE ON ADVANCES IN RECENT TECHNOLOGIES IN COMMUNICATION AND COMPUTING (ARTCOM 2009), 2009, : 590 - 592
  • [45] Web services wind tunnel: On performance testing large-scale stateful web services
    De Barros, Marcelo
    Shiau, Jing
    Shang, Chen
    Gidewall, Kenton
    Shi, Hui
    Forsmann, Joe
    37TH ANNUAL IEEE/IFIP INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS, PROCEEDINGS, 2007, : 612 - +
  • [46] A Fuzzy Classifier-Based Penetration Testing for Web Applications
    Alhassan, J. K.
    Misra, Sanjay
    Umar, A.
    Maskeliunas, Rytis
    Damasevicius, Robertas
    Adewumi, Adewole
    PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY & SYSTEMS (ICITS 2018), 2018, 721 : 95 - 104
  • [47] Work in Progress - Web Penetration Testing: Effectiveness of Student Learning in Web Application Security
    Kam, Hwee-Joo
    Pauli, Joshua J.
    2011 FRONTIERS IN EDUCATION CONFERENCE (FIE), 2011,
  • [48] Web services testing, the methodology, and the implementation of the automation-testing tool
    Li, Y
    Li, ML
    Yu, JA
    GRID AND COOPERATIVE COMPUTING, PT 1, 2004, 3032 : 940 - 947
  • [49] Improving data perturbation testing techniques for Web services
    de Melo, Ana C. V.
    Silveira, Paulo
    INFORMATION SCIENCES, 2011, 181 (03) : 600 - 619
  • [50] Monic Testing of Web Services Based on Algebraic Specifications
    Liu, Dongmei
    Wu, Xian
    Zhang, Xin
    Zhu, Hong
    Bayley, Ian
    PROCEEDINGS 2016 IEEE SYMPOSIUM ON SERVICE-ORIENTED SYSTEM ENGINEERING SOSE 2016, 2016, : 24 - 33
12345