Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Huang, YW | en_US |
| dc.contributor.author | Tsai, CH | en_US |
| dc.contributor.author | Lin, TP | en_US |
| dc.contributor.author | Huang, SK | en_US |
| dc.contributor.author | Lee, DT | en_US |
| dc.contributor.author | Kuo, SY | en_US |
| dc.date.accessioned | 2014-12-08T15:18:38Z | - |
| dc.date.available | 2014-12-08T15:18:38Z | - |
| dc.date.issued | 2005-08-05 | en_US |
| dc.identifier.issn | 1389-1286 | en_US |
| dc.identifier.uri | http://dx.doi.org/10.1016/j.comnet.2005.01.003 | en_US |
| dc.identifier.uri | http://hdl.handle.net/11536/13405 | - |
| dc.description.abstract | The rapid development phases and extremely short turnaround time of Web applications make it difficult to eliminate their vulnerabilities. Here we study how software testing techniques such as fault injection and runtime monitoring can be applied to Web applications. We implemented our proposed mechanisms in the Web Application Vulnerability and Error Scanner (WAVES)-a black-box testing framework for automated Web application security assessment. Real-world situations are used to test WAVES and to compare it with other tools. Our results show that WAVES is a feasible platform for assessing Web application security. (c) 2005 Elsevier B.V. All rights reserved. | en_US |
| dc.language.iso | en_US | en_US |
| dc.subject | Web application testing | en_US |
| dc.subject | security assessment | en_US |
| dc.subject | fault injection | en_US |
| dc.subject | black-box testing | en_US |
| dc.subject | complete crawling | en_US |
| dc.title | A testing framework for Web application security assessment | en_US |
| dc.type | Article | en_US |
| dc.identifier.doi | 10.1016/j.comnet.2005.01.003 | en_US |
| dc.identifier.journal | COMPUTER NETWORKS | en_US |
| dc.citation.volume | 48 | en_US |
| dc.citation.issue | 5 | en_US |
| dc.citation.spage | 739 | en_US |
| dc.citation.epage | 761 | en_US |
| dc.contributor.department | 資訊工程學系 | zh_TW |
| dc.contributor.department | Department of Computer Science | en_US |
| dc.identifier.wosnumber | WOS:000231609300004 | - |
| dc.citation.woscount | 13 | - |
| Appears in Collections: | Articles | |
Files in This Item:
If it is a zip file, please download the file and unzip it, then open index.html in a browser to view the full text content.
- 一個Web 應用程式的錯誤殖入測試平台設計 / 蔡忠宏;Chung-Hung Tsai;黃世昆;Shih-Kun Huang
- CRAXweb: Automatic Web Application Testing and Attack Generation / Huang, Shih-Kun;Lu, Han-Lin;Leong, Wai-Meng;Liu, Huan
- 用於網路漏洞掃描器之選擇性進入點探查 / 洪偉達;謝續平;Hong, Wei-Da;Shieh, Shiuhpyng
- 跨平台 Web程式測試與攻擊產生系統 / 劉歡;Liu, Huan;黃世昆;Huang, Shih-Kun
- 自動化網頁測試與攻擊產生 / 梁偉明;Leong, Wai-Meng;黃世昆;Huang, Shih-Kun
- 基於 QEMU 所模擬系統與軟體之回歸測試框架 / 林伯謙;Lin, Po-Chien;黃世昆;Huang, Shih-Kun
- 網路應用程式之繞穿安全檢測 / 鄭皓文;謝續平;Cheng, Hao-Wen;Shieh, Shiuh-Pyng
- Constructing an object-oriented architecture for Web application testing / Yang, JT;Huang, JL;Wang, FJ;Chu, WC
- A fuzzy outranking approach in risk analysis of web service security / Wang, Ping;Chao, Kuo-Ming;Lo, Chi-Chun;Huang, Chun-Lung;Younas, Muhammad
Loading...