
Authors: Jonghwan Im ; Jongwon Yoon and Minsik Jin

Affiliation: Fasoo.com R&D Center, Korea, Republic of

Keyword(s): Web Application Security Testing, SAST, DAST, IAST, XSS, SDLC.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Security Verification and Validation

Abstract: Dynamic application security testing detects security vulnerabilities by sending predefined strings to web applications. So if the web applications have filters which restrict input parameters, the detection capability of dynamic application security testing is degraded. To solve this problem, interactive application security testing has emerged, in which dynamic application security testing interacts with static application security testing. In this paper, we propose an interactive platform for storing, processing, and distributing information collected from each security test in the software development life cycle. And we use this platform to verify that we can detect cross-site script vulnerabilities that could not be detected due to web application filters. Experiments on the proposed approach for the cross-site script vulnerability test case of OWASP Benchmark show that the detection rate of the dynamic analyzer is improved by about 32.11%.

CC BY-NC-ND 4.0

Paper citation in several formats:
Im, J.; Yoon, J. and Jin, M. (2017). Interaction Platform for Improving Detection Capability of Dynamic Application Security Testing. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT; ISBN 978-989-758-259-2; ISSN 2184-3236, SciTePress, pages 474-479. DOI: 10.5220/0006437104740479

@conference{secrypt17,
author={Jonghwan Im and Jongwon Yoon and Minsik Jin},
title={Interaction Platform for Improving Detection Capability of Dynamic Application Security Testing},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT},
year={2017},
pages={474-479},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006437104740479},
isbn={978-989-758-259-2},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT
TI - Interaction Platform for Improving Detection Capability of Dynamic Application Security Testing
SN - 978-989-758-259-2
IS - 2184-3236
AU - Im, J.
AU - Yoon, J.
AU - Jin, M.
PY - 2017
SP - 474
EP - 479
DO - 10.5220/0006437104740479
PB - SciTePress