Sciweavers

KBSE
2010
IEEE

MiTV: multiple-implementation testing of user-input validators for web applications

13 years 11 months ago
MiTV: multiple-implementation testing of user-input validators for web applications
User-input validators play an essential role in guarding a web application against application-level attacks. Hence, the security of the web application can be compromised by defective validators. To detect defects in validators, testing is one of the most commonly used methodologies. Testing can be performed by manually writing test inputs and oracles, but this manual process is often laborintensive and ineffective. On the other hand, automated test generators cannot generate test oracles in the absence of specifications, which are often not available in practice. To address this issue in testing validators, we propose a novel approach, called MiTV, that applies Multiple-implementation Testing for Validators, i.e., comparing the behavior of a validator under test with other validators of the same type. These other validators of the same type can be collected from either open or proprietary source code repositories. To show the effectiveness of MiTV, we applied MiTV on 53 different v...
Kunal Taneja, Nuo Li, Madhuri R. Marri, Tao Xie, N
Added 29 Jan 2011
Updated 29 Jan 2011
Type Journal
Year 2010
Where KBSE
Authors Kunal Taneja, Nuo Li, Madhuri R. Marri, Tao Xie, Nikolai Tillmann
Comments (0)