DoDOM: Leveraging DOM Invariants for Web 2.0 Application Robustness Testing
作者: Karthik Pattabiraman , Benjamin Zorn
关键词: Web 2.0 、 Data mining 、 Web page 、 Robustness testing 、 Software fault tolerance 、 Web application 、 Computer science 、 Distributed computing 、 Robustness (computer science) 、 Server 、 Object-oriented programming
摘要: Web 2.0 applications are increasing in popularity. However, they also prone to errors because of their dynamic nature. This paper presents DoDOM, an automated system for testing the robustness based on Document Object Models (DOMs). DoDOM repeatedly executes application under a trace recorded user actions and observes client-side behavior terms its DOM structure. Based observations, extracts set invariants web application’s We show that exist real can be learned within reasonable number executions. further use fault-injection experiments demonstrate uses detecting applications. The found provide high coverage impact DOM, with low rate false positives.
ieeecomputersociety.org参考文章(19)
Soila Pertet, Priya Narasimhan, Causes of Failure in Web Applications (CMU-PDL-05-109) ,(2005)
Michael Benedikt, Juliana Freire, Patrice Godefroid, VeriWeb: Automatically Testing Dynamic Web Sites ,(2002)
João Durães, Marco Vieira, Henrique Madeira, Dependability Benchmarking of Web Servers international conference on computer safety, reliability, and security. pp. 297- 310 ,(2004) , 10.1007/978-3-540-30138-7_25
Marco Cova, Davide Balzarotti, Viktoria Felmetsger, Giovanni Vigna, Swaddler: an approach for the anomaly-based detection of state violations in web applications recent advances in intrusion detection. pp. 63- 86 ,(2007) , 10.1007/978-3-540-74320-0_4
Tim O'Reilly, What Is Web 2.0: Design Patterns and Business Models for the Next Generation of Software Social Science Research Network. ,(2007)
Michael D. Enst, Adam Czeisler, William G. Griswold, David Notkin, Quickly detecting relevant program invariants Proceedings of the 22nd international conference on Software engineering - ICSE '00. pp. 449- 458 ,(2000) , 10.1145/337180.337240
Benjamin Livshits, Úlfar Erlingsson, Using web application construction frameworks to protect against code injection attacks Proceedings of the 2007 workshop on Programming languages and analysis for security - PLAS '07. pp. 95- 104 ,(2007) , 10.1145/1255329.1255346
Kinga Doboly, Westley Weimer, Harnessing Web-Based Application Similarities to Aid in Regression Testing international symposium on software reliability engineering. pp. 71- 80 ,(2009) , 10.1109/ISSRE.2009.18
Benjamin Livshits, Emre Kiciman, Doloto Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering - SIGSOFT '08/FSE-16. pp. 350- 360 ,(2008) , 10.1145/1453101.1453151
Sudheendra Hangal, Monica S. Lam, Tracking down software bugs using automatic anomaly detection international conference on software engineering. pp. 291- 301 ,(2002) , 10.1145/581339.581377