A pattern-driven and model-based vulnerability testing for Web applications. (Une approche à base de modèles et de patterns pour le test de vulnérabilités d'applications Web)

This thesis proposes an original approach, dubbed PMVT for Pattern-driven and Model-based Vulnerability Testing, which aims to improve the capability for detecting four high-profile vulnerability types (Cross-Site Scripting, SQL Injection, CSRF and Privilege Escalation) and to reduce false-positive and false-negative verdicts. PMVT relies on a behavioral model of the application, capturing its functional aspects, and a set of vulnerability test patterns that address vulnerabilities in a generic way. By adapting existing MBT technologies, an integrated toolchain that supports PMVT automates the detection of the four vulnerability types in Web applications. This prototype has been tested and evaluated on two real-life Web applications that are currently used by tens of thousands of users. Experiments have highlighted the effectiveness and efficiency of PMVT and shown a strong improvement in vulnerability detection capabilities w.r.t. available automated Web application scanners for these kinds of vulnerabilities.
