Lim Kah Seng, N. Ithnin, Syed Zainudeen Mohd Shaid
{"title":"Automating Penetration Testing Within Ambiguous Testing Environment","authors":"Lim Kah Seng, N. Ithnin, Syed Zainudeen Mohd Shaid","doi":"10.11113/IJIC.V8N3.180","DOIUrl":null,"url":null,"abstract":"Automated web application penetration testing has emerged as a trend. The computer was assigned the task of penetrating web application security with penetration testing technique. Relevant computer program reduces time, cost, and resources required for assessing a web application security. At the same time, scaling down tester reliance on human knowledge. Web application security scanner is such kind of program that is designed to assess web application security automatically with penetration testing technique. The downside is that computer is not well-formed as human. Consequently, web application security scanner often found generating the false alarms, especially in a testing environment, which web application source codes are unreachable. Thus, in this paper, the state-of-the-art of black box web application security scanner is systematically reviewed, to investigate the approaches for detecting web application vulnerability in an ambiguous testing environment. This survey is critical in providing insights on how to design efficient algorithms for assessing web application security with penetration testing technique in the ambiguous environment.","PeriodicalId":50314,"journal":{"name":"International Journal of Innovative Computing Information and Control","volume":"53 1","pages":""},"PeriodicalIF":1.3000,"publicationDate":"2018-11-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Innovative Computing Information and Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.11113/IJIC.V8N3.180","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}
引用次数: 1
Abstract
Automated web application penetration testing has emerged as a trend. The computer was assigned the task of penetrating web application security with penetration testing technique. Relevant computer program reduces time, cost, and resources required for assessing a web application security. At the same time, scaling down tester reliance on human knowledge. Web application security scanner is such kind of program that is designed to assess web application security automatically with penetration testing technique. The downside is that computer is not well-formed as human. Consequently, web application security scanner often found generating the false alarms, especially in a testing environment, which web application source codes are unreachable. Thus, in this paper, the state-of-the-art of black box web application security scanner is systematically reviewed, to investigate the approaches for detecting web application vulnerability in an ambiguous testing environment. This survey is critical in providing insights on how to design efficient algorithms for assessing web application security with penetration testing technique in the ambiguous environment.
期刊介绍:
The primary aim of the International Journal of Innovative Computing, Information and Control (IJICIC) is to publish high-quality papers of new developments and trends, novel techniques and approaches, innovative methodologies and technologies on the theory and applications of intelligent systems, information and control. The IJICIC is a peer-reviewed English language journal and is published bimonthly
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
