XSS Vulnerability Detection Using Model Inference Assisted Evolutionary Fuzzing

Duchene, Fabien; Groz, Roland; Rawat, Sanjay; Richier, Jean-Luc

doi:10.1109/icst.2012.181

Cited by 56 publications

(35 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In the latter the authors introduce the application of model-based testing and in [24], [25], [26] the authors discuss further applications of fuzz testing to the security domain. In contrast to these previous research articles we focus on models of attack patterns for testing instead of models of the SUT.…”

Section: Related Workmentioning

confidence: 99%

Security Testing Based on Attack Patterns

Božić

Wotawa

2014

2014 IEEE Seventh International Conference on Software Testing, Verification and Validation Workshops

View full text Add to dashboard Cite

Testing for security related issues is an important task of growing interest due to the vast amount of applications and services available over the internet. In practice testing for security often is performed manually with the consequences of higher costs, and no integration of security testing with today's agile software development processes. In order to bring security testing into practice, many different approaches have been suggested including fuzz testing and model-based testing approaches. Most of these approaches rely on models of the system or the application domain. In this paper we suggest to formalize attack patterns from which test cases can be generated and even executed automatically. Hence, testing for known attacks can be easily integrated into software development processes where automated testing, e.g., for daily builds, is a requirement. The approach makes use of UML state charts. Besides discussing the approach, we illustrate the approach using a case study.

show abstract

Section: Related Workmentioning

confidence: 99%

Security Testing Based on Attack Patterns

Božić

Wotawa

2014

2014 IEEE Seventh International Conference on Software Testing, Verification and Validation Workshops

View full text Add to dashboard Cite

show abstract

“…A novel system for detecting XSS vulnerability was designed based on model inference and evolutionary fuzzing [25].…”

Section: Related Workmentioning

confidence: 99%

Detecting Cross-Site Scripting in Web Applications Using Fuzzy Inference System

Ayeni

Sahalu

Adeyanju

2018

Journal of Computer Networks and Communications

View full text Add to dashboard Cite

With improvement in computing and technological advancements, web-based applications are now ubiquitous on the Internet. However, these web applications are becoming prone to vulnerabilities which have led to theft of confidential information, data loss, and denial of data access in the course of information transmission. Cross-site scripting (XSS) is a form of web security attack which involves the injection of malicious codes into web applications from untrusted sources. Interestingly, recent research studies on the web application security centre focus on attack prevention and mechanisms for secure coding; recent methods for those attacks do not only generate high false positives but also have little considerations for the users who oftentimes are the victims of malicious attacks. Motivated by this problem, this paper describes an "intelligent" tool for detecting cross-site scripting flaws in web applications. is paper describes the method implemented based on fuzzy logic to detect classic XSS weaknesses and to provide some results on experimentations. Our detection framework recorded 15% improvement in accuracy and 0.01% reduction in the false-positive rate which is considerably lower than that found in the existing work by Koli et al. Our approach also serves as a decision-making tool for the users.

show abstract

“…Doing this, you introduce a bias in the efficiency of the attacks. Attacks should be tailored to the injection point to be effective like in Duchene et al approach [22]; otherwise, depending on the injection point, your XSS attack can be rendered useless (while with the same vector, an attacker can succeed). Most of XSS research works focus either on detection of XSS attacks [1], [3], or on finding XSS vulnerabilities [23], [24].…”

Section: Related Workmentioning

confidence: 99%

“…Undermining the influence of charset, doctype and browser behavior in an xss attack can lead to false positives in web application vulnerability scanners. Some testing strategies rely on one instrumented web browser [22], [27] to assess XSS Vulnerabilities, thus ignoring vulnerabilities related to XSS vectors bound to a specific web browser. The only exception in this topic is the xenotix XSS testing tool [28] wich embeds 3 different browser engines (Trident from IE, Webkit from Chrome/Safari and Gecko from Firefox) to deal with browserspecific XSS vectors.…”

Section: Related Workmentioning

confidence: 99%

Empirical Investigation of the Web Browser Attack Surface under Cross-Site Scripting: An Urgent Need for Systematic Security Regression Testing

Abgrall

Traon²,

Gombault

et al. 2014

2014 IEEE Seventh International Conference on Software Testing, Verification and Validation Workshops

View full text Add to dashboard Cite

Abstract-One of the major threats against web applications is Cross-Site Scripting (XSS). The final target of XSS attacks is the client running a particular web browser. During this last decade, several competing web browsers (IE, Netscape, Chrome, Firefox) have evolved to support new features. In this paper, we explore whether the evolution of web browsers is done using systematic security regression testing. Beginning with an analysis of their current exposure degree to XSS, we extend the empirical study to a decade of most popular web browser versions. We use XSS attack vectors as unit test cases and we propose a new method supported by a tool to address this XSS vector testing issue. The analysis on a decade releases of most popular web browsers including mobile ones shows an urgent need of XSS regression testing. We advocate the use of a shared security testing benchmark as a good practice and propose a first set of publicly available XSS vectors as a basis to ensure that security is not sacrificed when a new version is delivered.

show abstract

XSS Vulnerability Detection Using Model Inference Assisted Evolutionary Fuzzing

Cited by 56 publications

References 8 publications

Security Testing Based on Attack Patterns

Security Testing Based on Attack Patterns

Detecting Cross-Site Scripting in Web Applications Using Fuzzy Inference System

Empirical Investigation of the Web Browser Attack Surface under Cross-Site Scripting: An Urgent Need for Systematic Security Regression Testing

Contact Info

Product

Resources

About