{"title":"模糊测试在Web软件安全漏洞测试中的应用","authors":"Li Li, Qiu Dong, Dan Liu, Leilei Zhu","doi":"10.1109/ITA.2013.36","DOIUrl":null,"url":null,"abstract":"Web applications need for extensive testing before deployment and use, for early detecting security vulnerabilities to improve the quality of the safety of the software, the purpose of this paper is to research the fuzzing applications in security vulnerabilities. This article first introduces the common Web software security vulnerabilities, and then provide a comprehensive overview of the fuzzing technology, and using fuzzing tools Web fuzz to execute a software vulnerability testing, test whether there is a software security hole. Test results prove that fuzzing is suitable for software security vulnerabilities testing, but this methodology applies only to security research field, and in the aspect of software security vulnerabilities detection is still insufficient.","PeriodicalId":285687,"journal":{"name":"2013 International Conference on Information Technology and Applications","volume":"33 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"The Application of Fuzzing in Web Software Security Vulnerabilities Test\",\"authors\":\"Li Li, Qiu Dong, Dan Liu, Leilei Zhu\",\"doi\":\"10.1109/ITA.2013.36\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Web applications need for extensive testing before deployment and use, for early detecting security vulnerabilities to improve the quality of the safety of the software, the purpose of this paper is to research the fuzzing applications in security vulnerabilities. This article first introduces the common Web software security vulnerabilities, and then provide a comprehensive overview of the fuzzing technology, and using fuzzing tools Web fuzz to execute a software vulnerability testing, test whether there is a software security hole. Test results prove that fuzzing is suitable for software security vulnerabilities testing, but this methodology applies only to security research field, and in the aspect of software security vulnerabilities detection is still insufficient.\",\"PeriodicalId\":285687,\"journal\":{\"name\":\"2013 International Conference on Information Technology and Applications\",\"volume\":\"33 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-11-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 International Conference on Information Technology and Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ITA.2013.36\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Information Technology and Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITA.2013.36","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The Application of Fuzzing in Web Software Security Vulnerabilities Test
Web applications need for extensive testing before deployment and use, for early detecting security vulnerabilities to improve the quality of the safety of the software, the purpose of this paper is to research the fuzzing applications in security vulnerabilities. This article first introduces the common Web software security vulnerabilities, and then provide a comprehensive overview of the fuzzing technology, and using fuzzing tools Web fuzz to execute a software vulnerability testing, test whether there is a software security hole. Test results prove that fuzzing is suitable for software security vulnerabilities testing, but this methodology applies only to security research field, and in the aspect of software security vulnerabilities detection is still insufficient.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
