Structural modeling and verification of web applications

Mohammed Alzahrani; Lilia Georgieva

doi:10.1145/3227609.3227676

Structural modeling and verification of web applications

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The complex structure and rapid development of web applications can lead to vulnerabilities and flaws that can compromise sensitive data. Detecting these vulnerabilities at the early stages of development cycle ensures that they are easier and cheaper to fix. Structural modeling of web applications is becoming increasingly important for detection, and subsequent elimination of such flaws. In this paper we analyze structural models of web applications. We use the model checking tools Spin and Uppaal to model dynamic navigation flow. We simulate and verify time-bound navigation properties by examining the sequence of actions that a user would make when interacting with the application. We compare the usefulness of the modeling tools for analysis of users’ behavior.

Original language	English
Title of host publication	Proceedings of the 8th International Conference on Web Intelligence, Mining and Semantics
Publisher	Association for Computing Machinery
ISBN (Electronic)	9781450354899
DOIs	https://doi.org/10.1145/3227609.3227676
Publication status	Published - 25 Jun 2018
Event	8th International Conference on Web Intelligence, Mining and Semantics 2018 - Novi Sad, Serbia Duration: 25 Jun 2018 → 27 Jun 2018

Conference

Conference	8th International Conference on Web Intelligence, Mining and Semantics 2018
Abbreviated title	WIMS 2018
Country/Territory	Serbia
City	Novi Sad
Period	25/06/18 → 27/06/18

Keywords

Integrity
Modeling
Privacy
Trust
Web applications
Web security

ASJC Scopus subject areas

Human-Computer Interaction
Computer Networks and Communications
Computer Vision and Pattern Recognition
Software

Access to Document

10.1145/3227609.3227676

Cite this

@inproceedings{24f9308888a64f9e9cff643e0259bb06,

title = "Structural modeling and verification of web applications",

abstract = "The complex structure and rapid development of web applications can lead to vulnerabilities and flaws that can compromise sensitive data. Detecting these vulnerabilities at the early stages of development cycle ensures that they are easier and cheaper to fix. Structural modeling of web applications is becoming increasingly important for detection, and subsequent elimination of such flaws. In this paper we analyze structural models of web applications. We use the model checking tools Spin and Uppaal to model dynamic navigation flow. We simulate and verify time-bound navigation properties by examining the sequence of actions that a user would make when interacting with the application. We compare the usefulness of the modeling tools for analysis of users{\textquoteright} behavior.",

keywords = "Integrity, Modeling, Privacy, Trust, Web applications, Web security",

author = "Mohammed Alzahrani and Lilia Georgieva",

year = "2018",

month = jun,

day = "25",

doi = "10.1145/3227609.3227676",

language = "English",

booktitle = "Proceedings of the 8th International Conference on Web Intelligence, Mining and Semantics",

publisher = "Association for Computing Machinery",

address = "United States",

note = "8th International Conference on Web Intelligence, Mining and Semantics 2018, WIMS 2018 ; Conference date: 25-06-2018 Through 27-06-2018",

}

Alzahrani, M & Georgieva, L 2018, Structural modeling and verification of web applications. in Proceedings of the 8th International Conference on Web Intelligence, Mining and Semantics., 18, Association for Computing Machinery, 8th International Conference on Web Intelligence, Mining and Semantics 2018, Novi Sad, Serbia, 25/06/18. https://doi.org/10.1145/3227609.3227676

TY - GEN

T1 - Structural modeling and verification of web applications

AU - Alzahrani, Mohammed

AU - Georgieva, Lilia

PY - 2018/6/25

Y1 - 2018/6/25

N2 - The complex structure and rapid development of web applications can lead to vulnerabilities and flaws that can compromise sensitive data. Detecting these vulnerabilities at the early stages of development cycle ensures that they are easier and cheaper to fix. Structural modeling of web applications is becoming increasingly important for detection, and subsequent elimination of such flaws. In this paper we analyze structural models of web applications. We use the model checking tools Spin and Uppaal to model dynamic navigation flow. We simulate and verify time-bound navigation properties by examining the sequence of actions that a user would make when interacting with the application. We compare the usefulness of the modeling tools for analysis of users’ behavior.

AB - The complex structure and rapid development of web applications can lead to vulnerabilities and flaws that can compromise sensitive data. Detecting these vulnerabilities at the early stages of development cycle ensures that they are easier and cheaper to fix. Structural modeling of web applications is becoming increasingly important for detection, and subsequent elimination of such flaws. In this paper we analyze structural models of web applications. We use the model checking tools Spin and Uppaal to model dynamic navigation flow. We simulate and verify time-bound navigation properties by examining the sequence of actions that a user would make when interacting with the application. We compare the usefulness of the modeling tools for analysis of users’ behavior.

KW - Integrity

KW - Modeling

KW - Privacy

KW - Trust

KW - Web applications

KW - Web security

UR - http://www.scopus.com/inward/record.url?scp=85053484485&partnerID=8YFLogxK

U2 - 10.1145/3227609.3227676

DO - 10.1145/3227609.3227676

M3 - Conference contribution

AN - SCOPUS:85053484485

BT - Proceedings of the 8th International Conference on Web Intelligence, Mining and Semantics

PB - Association for Computing Machinery

T2 - 8th International Conference on Web Intelligence, Mining and Semantics 2018

Y2 - 25 June 2018 through 27 June 2018

ER -

Structural modeling and verification of web applications

Abstract

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Lilia Georgieva

Cite this

Structural modeling and verification of web applications

Abstract

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Profiles

Lilia Georgieva

Cite this