Abstract | ||
---|---|---|
We present an approach to detect web injection vulnerabilities by generating test inputs using a combination of model inference and evolutionary fuzzing. Model inference is used to obtain a knowledge about the application behavior. Based on this understanding, inputs are generated using genetic algorithm (GA). GA uses the learned formal model to automatically generate inputs with better fitness values towards triggering an instance of the given vulnerability. |
Year | DOI | Venue |
---|---|---|
2012 | 10.1109/ICST.2012.181 | Software Testing, Verification and Validation |
Keywords | Field | DocType |
better fitness value,model inference,test input,genetic algorithm,application behavior,evolutionary fuzzing,web injection vulnerability,formal model,xss vulnerability detection,model inference assisted evolutionary,internet,fuzzy set theory,testing,html,security testing,security,genetic algorithms,production,grammar | Data mining,Model inference,Fuzz testing,Evolutionary algorithm,Computer science,Fuzzy set,Cross-site scripting,Genetic algorithm,Vulnerability,Vulnerability detection | Conference |
ISBN | Citations | PageRank |
978-1-4577-1906-6 | 18 | 0.87 |
References | Authors | |
9 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Fabien Duchene | 1 | 402 | 19.73 |
Roland Groz | 2 | 496 | 50.60 |
Sanjay Rawat | 3 | 146 | 10.59 |
Jean-Luc Richier | 4 | 359 | 45.60 |