MobSTer: A model-based security testing framework for web applications

2018 ◽ Vol 28 (8) ◽ pp. e1685
Author(s): Michele Peroli ◽ Federico De Meo ◽ Luca Viganò ◽ Davide Guardini

2014 ◽ Vol 678 ◽ pp. 468-472
Author(s): Cheng He ◽ Yan Fei Liu

This paper combines an analysis of structural modeling on security vulnerabilities and a focused behavioral model examination to develop a vulnerability model to depict and reason about security vulnerabilities. An in-depth analysis of the structural models and the corresponding diagram of the applications comes from the investigation of not only multiple vulnerable operations on multiple objects being involved in exploiting a vulnerability but also the vulnerability data and corresponding data flow inspections deriving from behavioral modeling of the application. We also propose a vulnerability model-based security testing approach that automatically generates security test sequences from the vulnerability model diagram and transforms them into executable tests on the basis of the vulnerable operations and vulnerability data.


2022 ◽ pp. 453-479
Author(s): Layla Mohammed Alrawais ◽ Mamdouh Alenezi ◽ Mohammad Akour

The growth of web-based applications has increased tremendously over the last two decades. While these applications bring huge benefits to society, they suffer from various security threats. Although there exist various techniques to ensure the security of web applications, a large number of applications still suffer from a wide variety of attacks that result in financial losses. In this article, a security-testing framework for web applications is proposed with an argument that security of an application should be tested at every stage of the software development life cycle (SDLC). Security testing is initiated from the requirement engineering phase using a keyword-analysis phase. The output of the first phase serves as input to the next phase. Different case study applications indicate that the framework assists in early detection of security threats and applying appropriate security measures. The results obtained from the implementation of the proposed framework demonstrated a high detection ratio with a lower false-positive rate.


2018 ◽ Vol 6 (3) ◽ pp. 93-117
Author(s): Layla Mohammed Alrawais ◽ Mamdouh Alenezi ◽ Mohammad Akour

The growth of web-based applications has increased tremendously over the last two decades. While these applications bring huge benefits to society, they suffer from various security threats. Although there exist various techniques to ensure the security of web applications, a large number of applications still suffer from a wide variety of attacks that result in financial losses. In this article, a security-testing framework for web applications is proposed with an argument that security of an application should be tested at every stage of the software development life cycle (SDLC). Security testing is initiated from the requirement engineering phase using a keyword-analysis phase. The output of the first phase serves as input to the next phase. Different case study applications indicate that the framework assists in early detection of security threats and applying appropriate security measures. The results obtained from the implementation of the proposed framework demonstrated a high detection ratio with a lower false-positive rate.


2011 ◽ Vol 34 (6) ◽ pp. 1012-1028
Author(s): Huai-Kou MIAO ◽ Sheng-Bo CHEN ◽ Hong-Wei ZENG

2018 ◽ Vol 13 (1) ◽ pp. 221
Author(s): Festim Halili ◽ Lirie Koraqi

This paper addresses the security aspects of the software applications in the framework of several entrepreneurship. It has a certain goal and structure, through which it modestly aims to present the security aspect of web applications in Kosovo companies. At first, we tried to give some theoretical concepts about security in general and security testing in particular. The key elaboration of the research problem addresses the security aspect in the sector of companies that develop applications and do their testing; here we will dwell on a case study of different companies in Kosovo. The purpose of this section is to argue the importance of security and its application to various companies.

