抽象的な

Novel Dynamic Fault Localization for Server side Vulnerabilities

C.P.Shabariram, V.Sharmila, J.Francy, R.Anandhi

Pin down is a framework for root cause analysis on dynamic web application. Fault localization in dynamic web application is the problem of decisive where in the source code modifies has to be completed in order to fix the perceived failures. The cause of the failure is called as execution bug that also called as fault. The dynamic execution nature of the web application isolate the source cause of execution bug by various fault localization techniques. To identify execution bugs proficiently in web applications, some algorithms can be improved by using a comprehensive domain for conditional and function-call statements and using a source mapping but did not focus on server side vulnerability. This study use randomized input generation technique for dynamic web application to check whether the web page has vulnerable to SQL injection. An automated random input generation is constructed for each executable statement and to determine the execution failure such as a missing included file, an incorrect SQL query, or by an uncaught exception of the corresponding statement. In addition, determine HTML failures involve situations in which the generated HTML page is not syntactically correct according to an HTML validator to find HTML failures through checking appropriate tags with closing by parsing DOM tree and Less serious execution failures, like those caused by the employment of deprecated language constructs (like include & require function), produce obtrusive error messages but do not halt execution. In this study the result shows that code coverage improved from 90% to 100%. However the result indicates 100% coverage is a reliable indicator of the effectiveness of a test set

免責事項: この要約は人工知能ツールを使用して翻訳されており、まだレビューまたは確認されていません