The Theory and Implementation of InputValidator: A Semi-Automated Value-Level Bypass Testing Tool

The Theory and Implementation of InputValidator: A Semi-Automated Value-Level Bypass Testing Tool

J. Miller, L. Zhang, E. Ofuonye, M. Smith
DOI: 10.4018/jitwe.2008070103
OnDemand:
(Individual Articles)
Available
$37.50
No Current Special Offers
TOTAL SAVINGS: $37.50

Abstract

The construction and testing of Web-based systems has become more complex and challenging because of continual innovations in technology. Security is a major concern, particularly for the deployment of mission critical applications. One of the principal vulnerabilities in Webbased systems revolves around insufficient and inappropriate input validation, a deficiency that can be exploited by attacks that bypass client-side checking. This article describes a partially automated mechanism, the tool InputValidator, which seeks to address this issue by sending test data directly to the server to test the robustness and security of the back-end software. The tool allows a user to construct, execute, and evaluate a number of test cases through a formfilling exercise instead of writing bespoke test code.

Complete Article List

Search this Journal:
Reset
Volume 19: 1 Issue (2024)
Volume 18: 1 Issue (2023)
Volume 17: 4 Issues (2022): 1 Released, 3 Forthcoming
Volume 16: 4 Issues (2021)
Volume 15: 4 Issues (2020)
Volume 14: 4 Issues (2019)
Volume 13: 4 Issues (2018)
Volume 12: 4 Issues (2017)
Volume 11: 4 Issues (2016)
Volume 10: 4 Issues (2015)
Volume 9: 4 Issues (2014)
Volume 8: 4 Issues (2013)
Volume 7: 4 Issues (2012)
Volume 6: 4 Issues (2011)
Volume 5: 4 Issues (2010)
Volume 4: 4 Issues (2009)
Volume 3: 4 Issues (2008)
Volume 2: 4 Issues (2007)
Volume 1: 4 Issues (2006)
View Complete Journal Contents Listing