Automating Penetration Testing Within an Ambiguous Testing Environment

Authors

  • Lim Kah Seng, Faculty of Computing, Universiti Teknologi Malaysia, 81310 UTM Johor Bahru, Johor, Malaysia
  • Norafida Ithnin, Faculty of Computing, Universiti Teknologi Malaysia, 81310 UTM Johor Bahru, Johor, Malaysia
  • Syed Zainudeen Mohd Shaid, Faculty of Computing, Universiti Teknologi Malaysia, 81310 UTM Johor Bahru, Johor, Malaysia

DOI:

https://doi.org/10.11113/ijic.v8n3.180

Keywords:

Penetration testing, Web application security scanner, False alarm, Ambiguous testing environment

Abstract

Automated web application penetration testing has emerged as a trend: the computer is assigned the task of probing a web application's security using penetration testing techniques. Such programs reduce the time, cost, and resources required to assess a web application's security, while also reducing the tester's reliance on human knowledge. A web application security scanner is a program of this kind, designed to assess web application security automatically using penetration testing techniques. The downside is that a computer is not as capable as a human. Consequently, web application security scanners are often found to generate false alarms, especially in a testing environment in which the web application's source code is unreachable. In this paper, the state of the art of black-box web application security scanners is therefore systematically reviewed to investigate the approaches for detecting web application vulnerabilities in an ambiguous testing environment. This survey is critical in providing insights on how to design efficient algorithms for assessing web application security with penetration testing techniques in an ambiguous environment.

Published

2018-11-21

How to Cite

Kah Seng, L., Ithnin, N., & Mohd Shaid, S. Z. (2018). Automating Penetration Testing Within an Ambiguous Testing Environment. International Journal of Innovative Computing, 8(3). https://doi.org/10.11113/ijic.v8n3.180

Section

Computer Science