Scrooge: Detection of Changes in Web Applications to Enhance Security Testing
Uložené v:
| Názov: | Scrooge: Detection of Changes in Web Applications to Enhance Security Testing |
|---|---|
| Autori: | Büsser, Fabio, Kressebuch, Jan, Ochoa, Martín, Zahnd, Valentin, Trammell, Ariane |
| Zdroj: | Proceedings of the 11th International Conference on Information Systems Security and Privacy. :48-59 |
| Informácie o vydavateľovi: | SCITEPRESS - Science and Technology Publications, 2025. |
| Rok vydania: | 2025 |
| Predmety: | Security testing, Software evolution, 005: Computerprogrammierung, Programme und Daten, Black-box testing |
| Popis: | Due to the complexity of modern web applications, security testing is a time-consuming process that heavily relies on manual interaction with various analysis tools. This process often needs to be repeated for newer versions of previously tested applications, as new functionalities frequently introduce security vulnerabilities. This paper introduces scrooge, a tool that automates change detection in web application functionality to enhance the efficiency and focus of the security testing process. We evaluate scrooge on various platforms, demonstrating its ability to reliably detect a range of changes. Scrooge successfully identifies different types of changes, showcasing its applicability across diverse scenarios with high accuracy. |
| Druh dokumentu: | Article Conference object |
| DOI: | 10.5220/0013139600003899 |
| DOI: | 10.21256/zhaw-32652 |
| Prístupové číslo: | edsair.doi.dedup.....074e65cd9bda1bc5380eb1a0c9f4fe92 |
| Databáza: | OpenAIRE |
Nájsť tento článok vo Web of Science | Abstrakt: | Due to the complexity of modern web applications, security testing is a time-consuming process that heavily relies on manual interaction with various analysis tools. This process often needs to be repeated for newer versions of previously tested applications, as new functionalities frequently introduce security vulnerabilities. This paper introduces scrooge, a tool that automates change detection in web application functionality to enhance the efficiency and focus of the security testing process. We evaluate scrooge on various platforms, demonstrating its ability to reliably detect a range of changes. Scrooge successfully identifies different types of changes, showcasing its applicability across diverse scenarios with high accuracy. |
|---|---|
| DOI: | 10.5220/0013139600003899 |