Software security testing based on typical SSD:A case study

Software security testing based on typical SSD:A case study

Due to the increasing complexity of Web applications, traditional function security testing ways, which only test and validate software security mechanisms, are becoming ineffective to detect latent software security defects (SSD). The number of reported web application vulnerabilities is increasing...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Zhanwei Hui, Song Huang, Bin Hu, Yi Yao
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Authentication
Buffer storage
defect behavior
Electronic mail
Encoding
Forgery
function test
Software
software security defect
software security test
vulnerability
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Due to the increasing complexity of Web applications, traditional function security testing ways, which only test and validate software security mechanisms, are becoming ineffective to detect latent software security defects (SSD). The number of reported web application vulnerabilities is increasing dramatically. However, the most of vulnerabilities result from some typical SSD. Based on SSD, this paper presents an effective software security testing (SST) model, which extends traditional security testing process to defects behavior analysis which incorporates advantages of traditional testing method and SSD-based security testing methodology. Primary applications show the effectiveness of our test model.
ISSN:2154-7491
2154-7505
DOI:10.1109/ICACTE.2010.5579101