SCOPUS 정보 검색 플랫폼

Proceedings - 2nd International Conference on Software Testing, Verification, and Validation, ICST 2009

Volumn , Issue , 2009, Pages 346-355

Penetration testing with improved input vector identification

(3) Halfond, William G J a Choudhary, Shauvik Roy a Orso, Alessandro a

a Georgia Institute of Technology (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ANALYSIS TECHNIQUES; CURRENT TECHNIQUES; INPUT VECTOR; NEW APPROACHES; PENETRATION TESTING; TARGET APPLICATION; WEB APPLICATION;

COMPUTER SOFTWARE SELECTION AND EVALUATION; SOFTWARE TESTING; VERIFICATION; WORLD WIDE WEB;

VECTORS;

EID: 67650177535 PISSN: None EISSN: None Source Type: Conference Proceeding
DOI: 10.1109/ICST.2009.26 Document Type: Conference Paper

Times cited : (46)

References (21)

1
- 22144441364
- Testing Web applications by modeling with FSMs
- DOI 10.1007/s10270-004-0077-7
- A. A. Andrews, J. Offutt, and R. T. Alexander. Testing Web Applications by Modeling with FSMs. In Software Systems and Modeling, pages 326-345, July 2005. (Pubitemid 40984097)
- (2005) Software and Systems Modeling , vol.4 , Issue.3 , pp. 326-345
- Andrews, A.A.¹ Offutt, J.² Alexander, R.T.³

2
- 14744271696
- Software penetration testing
- DOI 10.1109/MSP.2005.23
- B. Arkin, S. Stender, and G. McGraw. Software penetration testing. IEEE Security & Privacy, 3(1):84 - 87, 2005. (Pubitemid 40325588)
- (2005) IEEE Security and Privacy , vol.3 , Issue.1 , pp. 84-87
- Arkin, B.¹ Stender, S.² McGraw, G.³

3
- 37249006310
- About penetration testing
- M. Bishop. About Penetration Testing. IEEE Security & Privacy, 5(6):84-87, 2007.
- (2007) IEEE Security & Privacy , vol.5 , Issue.6 , pp. 84-87
- Bishop, M.¹

4
- 33947386607
- Testingweb database applications
- Y. Deng, P. Frankl, and J.Wang. TestingWeb Database Applications. SIGSOFT Software Engineering Notes, 29(5):1- 10, 2004.
- (2004) SIGSOFT Software Engineering Notes , vol.29 , Issue.5 , pp. 1-10
- Deng, Y.¹ Frankl, P.² Wang, J.³

5
- 37149023188
- Web application characterization through directed requests
- May.
- S. Elbaum, K.-R. Chilakamarri, M. F. II, and G. Rothermel. Web Application Characterization Through Directed Requests. In International Workshop on Dynamic Analysis, May 2006.
- (2006) In International Workshop on Dynamic Analysis
- Elbaum, S.¹ Chilakamarri, K.-R.² Ii, M.F.³ Rothermel, G.⁴

6
- 0037925531
- Improvingweb application testing with user session data
- November.
- S. Elbaum, S. Karre, and G. Rothermel. ImprovingWeb Application Testing with User Session Data. In International Conference on Software Engineering, November 2003.
- (2003) In International Conference on Software Engineering
- Elbaum, S.¹ Karre, S.² Rothermel, G.³

7
- 21244487905
- Leveraging user-session data to support web application testing
- DOI 10.1109/TSE.2005.36
- S. Elbaum, G. Rothermel, S. Karre, and M. F. II. Leveraging User-Session Data to Support Web Application Testing. IEEE Transactions On Software Engineering, 31(3):187- 202, March 2005. (Pubitemid 40890001)
- (2005) IEEE Transactions on Software Engineering , vol.31 , Issue.3 , pp. 187-202
- Elbaum, S.¹ Rothermel, G.² Karre, S.³ Fisher II, M.⁴

8
- 84948991207
- Penetration testing: A duet
- December.
- D. Geer and J. Harthorne. Penetration testing: a duet. In Proceedings of the 18th Annual Computer Security Applications Conference., December 2002.
- (2002) Proceedings of the 18th Annual Computer Security Applications Conference.
- Geer, D.¹ Harthorne, J.²

9
- 4544280668
- Static checking of dynamically generated queries in database applications
- May.
- C. Gould, Z. Su, and P. Devanbu. Static Checking of Dynamically Generated Queries in Database Applications. In Proc. of the 26th International Conference on Software Engineering, May 2004.
- (2004) In Proc. of the 26th International Conference on Software Engineering
- Gould, C.¹ Su, Z.² Devanbu, P.³

10
- 34547379435
- Using positive tainting and syntax-aware evaluation to counter SQL injection attacks
- November.
- W. Halfond, A. Orso, and P.Manolios. Using Positive Tainting and Syntax-Aware Evaluation to Counter SQL Injection Attacks. In Proceedings of the ACM SIGSOFT Symposium on the Foundations of Software Engineering, November 2006.
- (2006) Proceedings of the ACM SIGSOFT Symposium on the Foundations of Software Engineering
- Halfond, W.¹ Orso, A.² Manolios, P.³

11
- 40449091840
- WASP: Protecting web applications using positive tainting and syntax-aware evaluation
- DOI 10.1109/TSE.2007.70748
- W. Halfond, A. Orso, and P. Manolios. WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation. IEEE Transactions on Software Engineering, 34(1):65-81, 2008. (Pubitemid 351343903)
- (2008) IEEE Transactions on Software Engineering , vol.34 , Issue.1 , pp. 65-81
- Halfond, W.G.J.¹ Orso, A.² Manolios, P.³

12
- 37849004456
- Improving test case generation for web applications using automated interface discovery
- Sep.
- W. G. Halfond and A. Orso. Improving Test Case Generation for Web Applications Using Automated Interface Discovery. In Proceedings of the ESEC/SIGSOFT Symposium on the Foundations of Software Engineering, Sep. 2007.
- (2007) Proceedings of the ESEC/SIGSOFT Symposium on the Foundations of Software Engineering
- Halfond, W.G.¹ Orso, A.²

13
- 40449116802
- A classification of SQL-injection attacks and countermeasures
- Mar.
- W. G. Halfond, J. Viegas, and A. Orso. A Classification of SQL-Injection Attacks and Countermeasures. In Proc. of the Intl. Symp. on Secure Software Engineering, Mar. 2006.
- (2006) In Proc. of the Intl. Symp. on Secure Software Engineering
- Halfond, W.G.¹ Viegas, J.² Orso, A.³

14
- 84880450431
- Web application security assessment by fault injection and behavior monitoring
- May.
- Y. Huang, S. Huang, T. Lin, and C. Tsai. Web Application Security Assessment by Fault Injection and Behavior Monitoring. In Proc. of the 12th International World Wide Web Conference , May 2003.
- (2003) In Proc. of the 12th International World Wide Web Conference
- Huang, Y.¹ Huang, S.² Lin, T.³ Tsai, C.⁴

15
- 84904170357
- Rigorous and automatic testing of web applications
- November.
- X. Jia and H. Liu. Rigorous and Automatic Testing of Web Applications. In 6th IASTED International Conference on Software Engineering and Applications, November 2002.
- (2002) 6th IASTED International Conference on Software Engineering and Applications
- Jia, X.¹ Liu, H.²

16
- 0035505613
- Measuring and modeling usage and reliability for statistical web testing
- DOI 10.1109/32.965342
- C. Kallepalli and J. Tian. Measuring and Modeling Usage and Reliability for Statistical Web Testing. IEEE Transactions on Software Engineering, 27(11):1023-1036, 2001. (Pubitemid 33106030)
- (2001) IEEE Transactions on Software Engineering , vol.27 , Issue.11 , pp. 1023-1036
- Kallepalli, C.¹ Tian, J.²

17
- 0025557712
- An empirical study of the reliability of unix utilities
- B. P. Miller, L. Fredriksen, and B. So. An empirical study of the reliability of UNIX utilities. Communications of the ACM, 33(12), 1990.
- (1990) Communications of the ACM , vol.33 , Issue.12
- Miller, B.P.¹ Fredriksen, L.² So, B.³

18
- 0035009417
- Analysis and testing ofweb applications
- May.
- F. Ricca and P. Tonella. Analysis and Testing ofWeb Applications. In International Conference on Software Engineering, May 2001.
- (2001) International Conference on Software Engineering
- Ricca, F.¹ Tonella, P.²

19
- 85008245338
- An exploration of statisticalmodels for automated test case generation
- May.
- J. Sant, A. Souter, and L. Greenwald. An Exploration of StatisticalModels for Automated Test Case Generation. In Proceedings of the International Workshop on Dynamic Analysis, May 2005.
- (2005) Proceedings of the International Workshop on Dynamic Analysis
- Sant, J.¹ Souter, A.² Greenwald, L.³

20
- 44149112234
- Addison-Wesley
- M. Sutton, A. Greene, and P. Amini. Fuzzing: Brute Force Vulnerability Discovery. Addison-Wesley, 2007.
- (2007) Fuzzing: Brute Force Vulnerability Discovery
- Sutton, M.¹ Greene, A.² Amini, P.³

21
- 14744271048
- Application penetration testing
- DOI 10.1109/MSP.2005.3
- H. H. Thompson. Application penetration testing. IEEE Security & Privacy, 3(1):66 - 69, 2005. (Pubitemid 40325585)
- (2005) IEEE Security and Privacy , vol.3 , Issue.1 , pp. 66-69
- Thompson, H.H.¹

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.