Dynamic test input generation for web applications

Wassermann, Gary; Yu, Dejian; Chander, Ajay; Dhurjati, Dinakar; Inamura, Hiroshi; Su, Zhendong

doi:10.1145/1390630.1390661

Cited by 123 publications

(82 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since then, other researchers have extended the concolic technique to handle PHP code [10], [32]. Wassermann et al [10] and Artzi et al [32] have also utilized a concolic approach to generate test cases for PHP web applications. Other test case generation techniques for web applications use crawlers and spiders to identify and test web application interfaces.…”

Section: Related Workmentioning

confidence: 99%

“…While their work has made some progress in this area, they have only provided guidance for creating new tests [7], generated new test cases limited to numeric values [9], and considered only small desktop applications. However, web applications involve different challenges than desktop applications written in C or Java [10], and the majority of web applications heavily deal with strings in addition to numeric values. In addition, while Taneja et al [8] propose an efficient test generation technique by pruning unnecessary paths, the dynamic symbolic execution-based test generation approach used by other researchers can still be expensive and infeasible when we apply it to large size applications.…”

Section: Introductionmentioning

confidence: 99%

“…In particular, we focus on web applications written in PHP which is widely used to implement web applications [10]. To do so, the following steps are required: (1) Identifying the areas of the application impacted by the patches and (2) Generating new test cases for the impacted areas of code by using program slices and considering both string and numeric input values.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

An Effective Regression Testing Approach for PHP Web Applications

Marback

Ehresmann

2012

2012 IEEE Fifth International Conference on Software Testing, Verification and Validation

View full text Add to dashboard Cite

Abstract-Web applications change and are upgraded frequently due to security attacks, feature updates, or user preference changes. These fixes often involve small patches or revisions, but still, testers need to perform regression testing on their products to ensure that the changes have not introduced new faults. Applying regression testing to the entire product, however, can be very expensive, and often, companies cannot afford to do this because, typically, the turnaround time to release patches is expected to be short. One solution is focusing only on the areas of code that have been changed and performing regression testing on them. In this way, companies can provide quick patches more dependably whenever they encounter security breaches. In this paper, we propose a new regression testing approach that is applied to frequently patched web applications, considering security problems, and in particular, focusing on PHP programs. Our approach identifies the affected areas by code changes using impact analysis and generates new test cases for the impacted areas by changes using program slices considering both numeric and string input values. To facilitate our approach, we implemented a PHP Analysis and Regression Testing Engine (PARTE) and performed a controlled experiment using open source web applications. The results show that our approach is effective in reducing the cost of regression testing for frequently patched web applications.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

An Effective Regression Testing Approach for PHP Web Applications

Marback

Ehresmann

2012

2012 IEEE Fifth International Conference on Software Testing, Verification and Validation

View full text Add to dashboard Cite

show abstract

“…Concolic execution [15,23,13,6] is an alternative popular approach that mix symbolic and concrete execution to generate test cases. The code under test is executed initially on random inputs and symbolic constrains on are collected at run-time on assignments and decision points (branches).…”

Section: Related Workmentioning

confidence: 99%

Towards security testing with taint analysis and genetic algorithms

Avancini

Ceccato

2010

Proceedings of the 2010 ICSE Workshop on Software Engineering for Secure Systems

View full text Add to dashboard Cite

Cross site scripting is considered the major threat to the security of web applications. Removing vulnerabilities from existing web applications is a manual expensive task that would benefit from some level of automatic assistance. Static analysis represents a valuable support for security review, by suggesting candidate vulnerable points to be checked manually. However, potential benefits are quite limited when too many false positives, safe portions of code classified as vulnerable, are reported.In this paper, we present a preliminary investigation on the integration of static analysis with genetic algorithms. We show that this approach can suggest candidate false positives reported by static analysis and provide input vectors that expose actual vulnerabilities, to be used as test cases in security testing.

show abstract

“…To date, researchers have developed various security testing techniques. These include techniques that generate test cases or identify vulnerabilities focusing on specific attacks, such as SQL injection or cross-site scripting (XSS) [4][5][6][7]; generate test cases using model-based approaches, such as threat modeling or use case modeling [8][9][10][11][12]; and generate test cases from control policy specifications [13,14] (Section 2 provides details).…”

Section: Introductionmentioning

confidence: 99%

A threat model‐based approach to security testing

Marback

et al. 2012

Softw Pract Exp

View full text Add to dashboard Cite

SUMMARYSoftware security issues have been a major concern in the cyberspace community, so a great deal of research on security testing has been performed, and various security testing techniques have been developed. Threat modeling provides a systematic way to identify threats that might compromise security, and it has been a well-accepted practice by the industry, but test case generation from threat models has not been addressed yet. Thus, in this paper, we propose a threat model-based security testing approach that automatically generates security test sequences from threat trees and transforms them into executable tests. The security testing approach we consider consists of three activities in large: building threat models with threat trees; generating security test sequences from threat trees; and creating executable test cases by considering valid and invalid inputs. To support our approach, we implemented security test generation techniques, and we also conducted an empirical study to assess the effectiveness of our approach. The results of our study show that our threat tree-based approach is effective in exposing vulnerabilities.

show abstract

Dynamic test input generation for web applications

Cited by 123 publications

References 21 publications

An Effective Regression Testing Approach for PHP Web Applications

An Effective Regression Testing Approach for PHP Web Applications

Towards security testing with taint analysis and genetic algorithms

A threat model‐based approach to security testing

Contact Info

Product

Resources

About