Open AccessOptimization Method of Web Fuzzy Test Cases Based on Genetic Algorithm
Author(s) -
Sheng Guan Qu,
Zheng Zhang,
Bolin Ma,
Yuwen Shao
Publication year - 2021
Publication title -
journal of physics. conference series
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.21
H-Index - 85
eISSN - 1742-6596
pISSN - 1742-6588
DOI - 10.1088/1742-6596/2078/1/012015
Subject(s) - fuzz testing , computer science , web service , web application security , data mining , genetic algorithm , test case , computer security , world wide web , database , machine learning , web development , programming language , software , regression analysis
In order to solve the problems of low code coverage, few vulnerabilities found, and poor fuzzing effect caused by the small number of test cases and single types in Web fuzzing, on the basis of studying the current Web fuzzing methods, the existing fuzzing Web applications are tested Program research. A genetic algorithm-based method for optimizing fuzzing test cases for Web applications is proposed. It analyzes and counts the traffic of public network website business with Web service attack characteristics, and uses genetic algorithms to generate a large number of test cases with various types to explore the Web service vulnerability that exists. Based on the creation of a Web attack signature database with weights, this method uses genetic algorithms to randomly pre-generate the test cases of the fuzzing test, and uses the response of the Web service to repeatedly iterate the weights of different attack signatures in the Web attack signature database. So as to generate the best test cases. Experimental analysis shows that this method effectively finds security vulnerabilities in Web applications.