Search-based Multi-Vulnerability Testing of XML Injections in Web Applications
Author: | Sadeeq Jan, Lionel C. Briand, Andrea Arcuri, Annibale Panichella |
---|---|
Contributors: | Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Software Verification and Validation Lab (SVV Lab) [research center] |
Language: | English |
Publication year: | 2019 |
Subject: | Code injection vulnerabilities; Exploit; Computer science; computer.internet_protocol; 02 engineering and technology; computer.software_genre; Search-based software engineering; Security testing; Article; World Wide Web; Search algorithm; 0202 electrical engineering, electronic engineering, information engineering; Web application; Computer science [C05] [Engineering, computing & technology]; Unit testing; vulnerabilities; testing; business.industry; 020207 software engineering; XML injection; Web service; business; computer; Software; XML |
Source: | info:eu-repo/grantAgreement/EC/H2020/694277; Empirical Software Engineering, 24(6) |
ISSN: | 1382-3256 |
Description: | Modern web applications often interact with internal web services, which are not directly accessible to users. However, malicious user inputs can be used to exploit security vulnerabilities in web services through the application front-ends. Therefore, testing techniques have been proposed to reveal security flaws in the interactions with back-end web services, e.g., XML Injections (XMLi). Given a potentially malicious message between a web application and web services, search-based techniques have been used to find input data to mislead the web application into sending such a message, possibly compromising the target web service. However, state-of-the-art techniques focus on (search for) one single malicious message at a time. Since, in practice, there can be many different kinds of malicious messages, with only a few of them which can possibly be generated by a given front-end, searching for one single message at a time is ineffective and may not scale. To overcome these limitations, we propose a novel co-evolutionary algorithm (COMIX) that is tailored to our problem and uncovers multiple vulnerabilities at the same time. Our experiments show that COMIX outperforms a single-target search approach for XMLi and other multi-target search algorithms originally defined for white-box unit testing. |
Database: | OpenAIRE |
External link: |