Automated and Effective Testing of Web Services for XML Injection Attacks

Jan, Sadeeq; Nguyen, Duy Cu; Briand, Lionel

Reference : Automated and Effective Testing of Web Services for XML Injection Attacks


	Document type :	Scientific congresses, symposiums and conference proceedings : Paper published in a book
	Discipline(s) :	Engineering, computing & technology : Computer science
	Focus Areas :	Security, Reliability and Trust
	To cite this reference:	http://hdl.handle.net/10993/27070

Title :	Automated and Effective Testing of Web Services for XML Injection Attacks
Language :	English
Author, co-author :	Jan, Sadeeq [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Nguyen, Duy Cu [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Briand, Lionel [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Publication date :	18-Jul-2016
Main document title :	ISSTA'16-The International Symposium on Software Testing and Analysis, Saarbrücken 18-20 July 2016
Pages :	12-23
Peer reviewed :	Yes
On invitation :	No
Audience :	International
Event name :	ISSTA'16-The International Symposium on Software Testing and Analysis
Event date :	18-07-2016 to 20-07-2016
Event organizer :	ACM SIGSOFT
Event place (city) :	Saarbrücken
Event country :	Germany
Keywords :	[en] XML Injection ; Security Testing ; Constraint Solving
Abstract :	[en] XML is extensively used in web services for integration and data exchange. Its popularity and wide adoption make it an attractive target for attackers and a number of XML-based attack types have been reported recently. This raises the need for cost-effective, automated testing of web services to detect XML-related vulnerabilities, which is the focus of this paper. We discuss a taxonomy of the types of XML injection attacks and use it to derive four different ways to mutate XML messages, turning them into attacks (tests) automatically. Further, we consider domain constraints and attack grammars, and use a constraint solver to generate XML messages that are both malicious and valid, thus making it more difficult for any protection mechanism to recognise them. As a result, such messages have a better chance to detect vulnerabilities. Our evaluation on an industrial case study has shown that a large proportion (78.86%) of the attacks generated using our approach could circumvent the first layer of security protection, an XML gateway (firewall), a result that is much better than what a state-of-the-art tool based on fuzz testing could achieve.
Research centres :	Interdisciplinary Centre for Security, Reliability and Trust-University of Luxembourg
Funders :	Fonds National de la Recherche - FnR
Target :	Researchers ; Professionals ; Students
Permalink :	http://hdl.handle.net/10993/27070
FnR project :	FnR ; FNR6024200 > Sadeeq Jan > > An Effective Automated Testing approach for Detection of XML Injection > 15/09/2013 > 14/09/2016 > 2013

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Limited access	Final_ISSTA16_xmli_CMR.pdf		Author postprint	843.31 kB	Request a copy

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices