Show simple item record

Finding Bugs In Dynamic Web Applications

dc.date.accessioned2008-02-06T14:15:11Z
dc.date.accessioned2018-11-26T22:25:09Z
dc.date.available2008-02-06T14:15:11Z
dc.date.available2018-11-26T22:25:09Z
dc.date.issued2008-02-06en_US
dc.identifier.urihttp://hdl.handle.net/1721.1/40249
dc.identifier.urihttp://repository.aust.edu.ng/xmlui/handle/1721.1/40249
dc.description.abstractWeb script crashes and malformed dynamically-generated web pages are common errors, and they seriously impact usability of web applications. Currenttools for web-page validation cannot handle the dynamically-generatedpages that are ubiquitous on today's Internet.In this work, we apply a dynamic test generation technique, based oncombined concrete and symbolic execution, to the domain of dynamic webapplications. The technique generates tests automatically andminimizes the bug-inducing inputs to reduce duplication and to makethe bug reports small and easy to understand and fix.We implemented the technique in Apollo, an automated tool thatfound dozens of bugs in real PHP applications. Apollo generatestest inputs for the web application, monitors the application forcrashes, and validates that the output conforms to the HTMLspecification. This paper presents Apollo's algorithms andimplementation, and an experimental evaluation that revealed a totalof 214 bugs in 4 open-source PHP web applications.en_US
dc.format.extent12 p.en_US
dc.relationMassachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratoryen_US
dc.relationen_US
dc.subjecthtmlen_US
dc.subjectsyntaxen_US
dc.subjectvalidationen_US
dc.subjectdynamicen_US
dc.subjectbugen_US
dc.titleFinding Bugs In Dynamic Web Applicationsen_US


Files in this item

FilesSizeFormatView
MIT-CSAIL-TR-2008-006.pdf435.9Kbapplication/pdfView/Open
MIT-CSAIL-TR-2008-006.ps4.156Mbapplication/postscriptView/Open

This item appears in the following Collection(s)

Show simple item record