We propose a model-assisted security testing framework for developing Web applications. We devised a tool called 'RailroadMap' that automatically extracts a behavior model from the code base of Ruby-on-Rails. This model provides a unified point of view for analyzing security problems by representing an application's behavior, which includes all security functions and possible attack scenarios.
|Number of pages||2|
|Publication status||Published - 2013|
|Event||IEEE 6th International Conference on Software Testing, Verification and Validation, ICST 2013 - Luxembourg, Luxembourg|
Duration: 2013 May 18 → 2013 May 20
|Conference||IEEE 6th International Conference on Software Testing, Verification and Validation, ICST 2013|
|Period||13/5/18 → 13/5/20|
ASJC Scopus subject areas