Automation of Detection of Security Vulnerabilities in Web Services using Dynamic Analysis

被引：0

作者：

Kumar, Rahul ^{[1
]}

Indraveni, K. ^{[1
]}

Goel, Aakash Kumar ^{[1
]}

机构：

[1] CDAC, Hyderabad, Andhra Pradesh, India

来源：

2014 9TH INTERNATIONAL CONFERENCE FOR INTERNET TECHNOLOGY AND SECURED TRANSACTIONS (ICITST) | 2014年

关键词：

Security; Web Service; Testing; Attack; Vulnerability; WSDL; XML; Payload; Dynamic Analysis; Enumeration; Automation; SOAP Request; Response;

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

The usage of XML in maintaining data over the web communications has lead to new ways of exploitation which are dangerous for the data integrity yet can be remediated on the basis of the vulnerability classification. The approach is reserved for the research scope of unchangeable dynamic vulnerabilities with the help of WSDL Enumeration and automation script for detection of the vulnerabilities on analysis of the SOAP Request and Response saved in XML Format with different payloads.

引用

页码：334 / 336

页数：3

共 50 条

[21] Security risk analysis in Web Services systems
Gutierrez, Carlos
Fernandez-Medina, Eduardo
Piattini, Mario
[J]. SECRYPT 2006: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2006, : 425 - +
[22] Choreographing security and performance analysis for web services
Gilmore, S
Haenel, V
Kloul, L
Maidl, M
[J]. FORMAL TECHNIQUES FOR COMPUTER SYSTEMS AND BUSINESS PROCESSES, PROCEEDINGS, 2005, 3670 : 200 - 214
[23] A Formal Model for dynamic Web Services Composition MAS-Based and Simple Security Analysis Using Spi Calculus
Xu, Dong-Hong
Qi, Yong
Hou, Di
Chen, Ying
Liu, Liang
[J]. NWESP 2007: THIRD INTERNATIONAL CONFERENCE ON NEXT GENERATION WEB SERVICES PRACTICES, PROCEEDINGS, 2007, : 69 - +
[24] Dynamic e-commerce security based on the web services
Zhang, GX
Zuo, GW
[J]. GRID AND COOPERATIVE COMPUTING, PT 1, 2004, 3032 : 1030 - 1033
[25] European digital libraries: web security vulnerabilities
Kuzma, Joanne
[J]. LIBRARY HI TECH, 2010, 28 (03) : 402 - 413
[26] Mapping Software Faults with Web Security Vulnerabilities
Fonseca, Jose
Vieira, Marco
[J]. 2008 IEEE INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS & NETWORKS WITH FTCS & DCC, 2008, : 257 - +
[27] A survey of static code analysis methods for security vulnerabilities detection
Kulenovic, Melina
Donko, Dzenana
[J]. 2014 37TH INTERNATIONAL CONVENTION ON INFORMATION AND COMMUNICATION TECHNOLOGY, ELECTRONICS AND MICROELECTRONICS (MIPRO), 2014, : 1381 - 1386
[28] Automatic detection and security defense of network vulnerabilities by using crawlers
Zhou Z.J.
[J]. Telecommunications and Radio Engineering (English translation of Elektrosvyaz and Radiotekhnika), 2020, 79 (14): : 1231 - 1238
[29] Security of Web services
Krawczyk, H.
Wielgus, M.
[J]. DEPCOS-RELCOMEX 2006, 2006, : 183 - +
[30] Automation of Web Services Development Using Model Driven Techniques
Qafmolla, Xhevi
Nguyen Viet Cuong
[J]. 2010 2ND INTERNATIONAL CONFERENCE ON COMPUTER AND AUTOMATION ENGINEERING (ICCAE 2010), VOL 3, 2010, : 190 - 194

← 1 2 3 4 5 →