
Model based vulnerability testing



  1. Model-Based Vulnerability Testing for Web Applications
     - Presented by: K. Archana, 100101CSR027
     - Branch: CSE
     - Head of Department: Mr. Monoj Kar
  2. Contents
     - Introduction
     - MBVT
     - MBVT Approach
     - DVWA Example with MBVT Approach
     - Advantages
     - Disadvantages
     - References
  3. Introduction
     - Web applications are becoming more popular as a means of modern information interaction, which leads to growing demand for Web applications.
     - At the same time, Web application vulnerabilities are drastically increasing.
     - One of the most important software security practices used to mitigate the increasing number of vulnerabilities is security testing.
  4. Continued
     - One such security testing technique is Model-Based Vulnerability Testing (MBVT).
  5. MBVT
     - Model-Based Vulnerability Testing (MBVT) for Web applications aims at improving the accuracy and precision of vulnerability testing.
     - Accuracy: the capability to focus on the relevant part of the software.
     - Precision: the capability to avoid both false positives and false negatives.
     - MBVT adapts the traditional approach of Model-Based Testing (MBT) in order to generate vulnerability test cases for Web applications.
  6. MBVT Approach (diagram)
  7. DVWA Example using the MBVT Approach
     - DVWA: Damn Vulnerable Web Application
     - DVWA is an open-source Web application test bed, based on PHP/MySQL.
     - DVWA embeds several vulnerabilities (such as SQL Injection and Blind SQL Injection, and Reflected and Stored XSS).
  8. Continued
     - In this example we will focus on Reflected XSS (RXSS) vulnerabilities through form fields.
     - RXSS is one of the major breaches because it is widely exploited and its exploitation leads to severe risks.
     - We will apply the four activities of the MBVT approach to DVWA.
  9. Activity 1: Formalizing Vulnerability Test Patterns into Test Purposes
     - Vulnerability Test Patterns (vTP) are the initial artefacts of our approach.
     - A vTP expresses the testing needs and procedures that allow the identification of a particular breach in a Web application.
  10. A vTP of Reflected XSS (figure)
  11. Continued
     - A test purpose is a high-level expression that formalizes a test intention linked to a testing objective.
     - We propose test purposes as a means to drive automated test generation.
     - The Smartesting Test Purpose Language is a textual language based on regular expressions, allowing the formalization of a vulnerability test intention in terms of states to be reached and operations to be called.
  12. Test purpose formalizing the vTP on DVWA (figure)
  13. Activity 2: Modeling
     - The modeling activity produces a model based on the functional specifications of the application and on the test purposes.
     - Class diagram of the SUT structure for our MBVT approach (figure)
  14. Activity 3: Test Generation
     - The main purpose of the test generation activity is to produce test cases from both the model and the test purposes.
     - This activity consists of three phases.
     - The first phase transforms the model and the test purposes into elements usable by the Smartesting CertifyIt MBT tool.
  15. Continued
     - The second phase produces the abstract test cases from the test targets.
     - The third phase exports the abstract test cases into the execution environment.
  16. Generated abstract test case example (figure)
  17. Activity 4: Adaptation and Test Execution
     a. Adaptation
     - During the modeling activity, all data used by the application are modeled in an abstract way.
     - Hence, the test suite cannot be executed as it is.
     - So, the generated abstract test cases are translated into executable scripts.
  18. b. Test Execution
     - The adapted test cases are executed in order to produce a verdict.
     - A new terminology fits the characteristics of a vulnerability test execution: Attack-pass, Attack-fail, Inconclusive.
     - Our model defines four malicious data values dedicated to Reflected XSS attacks.
  19. Continued
     - These values are defined in an abstract way and must be adapted.
     - Each of them is mapped to a concrete value, as shown in the figure: Mapping between abstract and concrete values
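The adaptation and execution activities above, as an added example that is not part of the original slides or of the Smartesting tooling: a small adapter maps the model's abstract malicious data names to concrete probe strings, runs each abstract step against a simulated reflected form (a stand-in for DVWA, constructed here), and assigns the Attack-pass / Attack-fail / Inconclusive verdict. The abstract names, the probe values and the simulated SUT are all assumptions for illustration; the slides do not give the four real values.

```python
import html
from dataclasses import dataclass

# Adapter mapping: abstract data names from the model -> concrete values.
# Constructed, harmless reflection probes; not the values used in the slides.
CONCRETE = {
    "XSS_TAG": "<mbvt-probe>",            # probes HTML-body reflection
    "XSS_ATTR": '" mbvt-probe="1',        # probes attribute-context reflection
}


@dataclass
class Response:
    status: int
    body: str


def simulated_sut(value: str, escaping: bool, reachable: bool = True) -> Response:
    """Stand-in for a DVWA-style reflected form that echoes the input back.

    escaping=True models a patched page that HTML-encodes output;
    reachable=False models the target state not being reached (e.g. session lost).
    """
    if not reachable:
        return Response(302, "redirect to login")
    shown = html.escape(value, quote=True) if escaping else value
    return Response(200, f"<p>Hello {shown}</p>")


def verdict(abstract_value: str, resp: Response) -> str:
    """Vulnerability-testing verdict for one executed step."""
    concrete = CONCRETE[abstract_value]
    if resp.status != 200:
        return "inconclusive"   # target state not reached: no judgement possible
    if concrete in resp.body:
        return "attack-pass"    # probe reflected verbatim: page is vulnerable
    return "attack-fail"        # probe encoded or absent: attack did not succeed


def run_abstract_test(steps, escaping: bool, reachable: bool = True):
    """Execute an abstract test case: a list of (operation, abstract_value)."""
    results = []
    for operation, abstract in steps:
        if operation == "submit":
            resp = simulated_sut(CONCRETE[abstract], escaping, reachable)
            results.append((abstract, verdict(abstract, resp)))
    return results


if __name__ == "__main__":
    case = [("submit", "XSS_TAG"), ("submit", "XSS_ATTR")]
    print(run_abstract_test(case, escaping=False))   # both attack-pass
    print(run_abstract_test(case, escaping=True))    # both attack-fail
```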
  20. Advantages
     - MBVT can address both technical and logical vulnerabilities.
  21. Disadvantages
     - Effort is needed to design the models, test patterns and adapter.
  22. References
  23. Thank You