2026-05-24T11:13:55Zhttps://keep.lib.asu.edu/oai/requestoai:keep.lib.asu.edu:node-1556012024-12-20T18:25:12Zoai_pmh:alloai_pmh:repo_items155601
https://hdl.handle.net/2286/R.I.44256
http://rightsstatements.org/vocab/InC/1.0/
All Rights Reserved
2017
47 pages
Masters Thesis
Academic theses
Text
eng
Khairnar, Tejas
Doupe, Adam
Ahn, Gail-Joon
Zhao, Ziming
Arizona State University
Masters Thesis Computer Science 2017
Web applications are an incredibly important aspect of our modern lives. Organizations<br/><br/>and developers use automated vulnerability analysis tools, also known as<br/><br/>scanners, to automatically find vulnerabilities in their web applications during development.<br/><br/>Scanners have traditionally fallen into two types of approaches: black-box<br/><br/>and white-box. In the black-box approaches, the scanner does not have access to the<br/><br/>source code of the web application whereas a white-box approach has access to the<br/><br/>source code. Today’s state-of-the-art black-box vulnerability scanners employ various<br/><br/>methods to fuzz and detect vulnerabilities in a web application. However, these<br/><br/>scanners attempt to fuzz the web application with a number of known payloads and<br/><br/>to try to trigger a vulnerability. This technique is simple but does not understand<br/><br/>the web application that it is testing. This thesis, presents a new approach to vulnerability<br/><br/>analysis. The vulnerability analysis module presented uses a novel approach<br/><br/>of Inductive Reverse Engineering (IRE) to understand and model the web application.<br/><br/>IRE first attempts to understand the behavior of the web application by giving<br/><br/>certain number of input/output pairs to the web application. Then, the IRE module<br/><br/>hypothesizes a set of programs (in a limited language specific to web applications,<br/><br/>called AWL) that satisfy the input/output pairs. These hypotheses takes the form of<br/><br/>a directed acyclic graph (DAG). AWL vulnerability analysis module can then attempt<br/><br/>to detect vulnerabilities in this DAG. Further, it generates the payload based on the<br/><br/>DAG, and therefore this payload will be a precise payload to trigger the potential vulnerability<br/><br/>(based on our understanding of the program). It then tests this potential<br/><br/>vulnerability using the generated payload on the actual web application, and creates<br/><br/>a verification procedure to see if the potential vulnerability is actually vulnerable,<br/><br/>based on the web application’s response.
Computer Science
Black-Box
Cross Site Scripting
Inductive Reverse Engineering
Static Program Analysis
Vulnerability Scanner
XSS
Next Generation Black-Box Web Application Vulnerability Analysis Framework