Research on Combine White-Box Testing and Black-Box Testing of Web Applications Security

Abstract:

White-box testing tools for web application source code security suffer from a high false-positive rate, while black-box testing tools for web application security cannot locate the vulnerabilities they find. To address both problems, this paper proposes an effective method for combining white-box and black-box testing tools for web applications. The method adds a new technology, the “Associated Files Matching Engine”, to white-box testing tools; the white-box test result and the black-box test result are then statistically analyzed and combined. The argument shows that this method reduces the false-positive rate of the white-box test result and can locate where in a file a vulnerability lies.

Info:

Periodical:

Advanced Materials Research (Volumes 989-994)

Pages:

4542-4546

Online since:

July 2014

Copyright:

© 2014 Trans Tech Publications Ltd. All Rights Reserved
