Enter your keyword

2-s2.0-85050650778

[vc_empty_space][vc_empty_space]

Web application fuzz testing

Andrianto I.a, Liem M.M.I.a, Asnar Y.D.W.a

a Sekolah Teknik Elektro Dan Informatika, Institut Teknologi Bandung, Bandung, 40132, Indonesia

[vc_row][vc_column][vc_row_inner][vc_column_inner][vc_separator css=”.vc_custom_1624529070653{padding-top: 30px !important;padding-bottom: 30px !important;}”][/vc_column_inner][/vc_row_inner][vc_row_inner layout=”boxed”][vc_column_inner width=”3/4″ css=”.vc_custom_1624695412187{border-right-width: 1px !important;border-right-color: #dddddd !important;border-right-style: solid !important;border-radius: 1px !important;}”][vc_empty_space][megatron_heading title=”Abstract” size=”size-sm” text_align=”text-left”][vc_column_text]© 2017 IEEE.Security is very important aspect of a web application. Therefore security testing is needed to find vulnerabilities on web applications. One of security testing technique is fuzz testing. Fuzz testing or fuzzing is a software testing technique done by giving a set of invalid inputs to the application under test. Fuzz testing is usually done by a tool. In fuzz testing for web application, a set of HTTP requests will be sent to the application under test in order to see how the application behaves when getting various inputs. It would be better if fuzz testing for web application can run automatically on certain conditions. In this research, we develop a platform and tools for web application fuzz testing automation that can be integrated to Jenkins. The tool has been tested on web applications with known vulnerabilities. In 13 of the 15 test cases, the tool can successfully found the presence of vulnerabilities. Based on the results, most vulnerabilities can be detected based on HTTP response content.[/vc_column_text][vc_empty_space][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][vc_empty_space][megatron_heading title=”Author keywords” size=”size-sm” text_align=”text-left”][vc_column_text]Application under tests,Continuous integration testing,Fuzz Testing,security,Security testing,Software testing techniques,Test case,WEB application[/vc_column_text][vc_empty_space][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][vc_empty_space][megatron_heading title=”Indexed keywords” size=”size-sm” text_align=”text-left”][vc_column_text]continuous integration testing,fuzz testing,security,web application[/vc_column_text][vc_empty_space][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][vc_empty_space][megatron_heading title=”Funding details” size=”size-sm” text_align=”text-left”][vc_column_text][/vc_column_text][vc_empty_space][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][vc_empty_space][megatron_heading title=”DOI” size=”size-sm” text_align=”text-left”][vc_column_text]https://doi.org/10.1109/ICODSE.2017.8285893[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/4″][vc_column_text]Widget Plumx[/vc_column_text][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row][vc_column][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][/vc_column][/vc_row]