Semantic web Racer: Dynamic security testing of the web application against race condition in the business layer
作者:
Highlights:
• Classifying various race conditions in the web applications.
• Defining various race conditions existing in e-commerce web applications.
• Defining race window for defined race conditions in the web applications.
• Presenting the black box approach for detecting race-prone processes.
• Presenting the black box approach for detecting race conditions.
摘要
•Classifying various race conditions in the web applications.•Defining various race conditions existing in e-commerce web applications.•Defining race window for defined race conditions in the web applications.•Presenting the black box approach for detecting race-prone processes.•Presenting the black box approach for detecting race conditions.
论文关键词:Dynamic testing,Vulnerability Analysis,Web application,Business process,Race Condition,Ajax Events
论文评审过程:Received 25 July 2021, Revised 17 December 2021, Accepted 17 January 2022, Available online 3 February 2022, Version of Record 16 February 2022.
论文官网地址:https://doi.org/10.1016/j.eswa.2022.116569