Dynamic Analysis for Security Testing of WEB Based Applications Using Agent Technology

KAMAL, JAMBI and FATHY, EASSA and MUHAMMAD, IMRAN (2016) Dynamic Analysis for Security Testing of WEB Based Applications Using Agent Technology. In: Fourth International Conference on Advances in Computing, Communication and Information Technology CCIT- 2016, 17 - 18 March, 2016, Birmingham City University, Birmingham, UNITED KINGDOM.

20160413_115547.pdf - Published Version

Download (705kB) | Preview
Official URL: https://www.seekdl.org/conferences/paper/details/7...


This is the second part of two papers covering the topic of security testing of WEB based applications using agent technology that covers dynamic analysis. This research covers an integrated dynamic analysis technique and tool for detecting and preventing such security vulnerabilities in web applications. It is based on agent technology and written in Java. The dynamic analysis starts for tracking the propagation of user input in the program which helps to detect the vulnerabilities in the source code. This technique is extendable to the vulnerabilities in the similar class and source codes written in other object oriented languages. At the end, this paper presents a Java Web Application Security Tester (JWAST) which is an implementation of the proposed technique. Also a comparison of JWAST with other tools is presented.

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: Dynamic Analysis, Security Testing, WEB Based Applications, Agent Technology, Software Engineering
Depositing User: Mr. John Steve
Date Deposited: 25 Mar 2019 12:12
Last Modified: 25 Mar 2019 12:12
URI: http://publications.theired.org/id/eprint/896

Actions (login required)

View Item View Item