Theses and dissertations

PhD Thesis: "A Pattern-Driven and Model-Based Vulnerability Testing Approach for Web Applications"

Advisors: Prof. Bruno Legeard and Dr. Fabien Peureux

This thesis proposes an original approach, dubbed PMVT (Pattern-driven and Model-based Vulnerability Testing), which aims to improve the detection of four high-profile vulnerability types, Cross-Site Scripting, SQL Injection, CSRF and Privilege Escalation, while reducing false positive and false negative verdicts. PMVT relies on a behavioral model of the application, capturing its functional aspects, and on a set of vulnerability test patterns that address each vulnerability type in a generic way.
By adapting existing MBT technologies, an integrated toolchain that supports PMVT automates the detection of the four vulnerability types in Web applications. This prototype was experimented with and evaluated on two real-life Web applications that are currently used by tens of thousands of users. The experiments highlighted the effectiveness and efficiency of PMVT and showed a strong improvement in vulnerability detection capabilities compared with available automated Web application scanners for these kinds of vulnerabilities.
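The following is an added illustration of the pattern-driven, model-based idea sketched above; it is not the thesis's PMVT toolchain and does not reproduce its models or patterns. A small simulated web application is paired with a behavioral model of it (which pages exist, which inputs they accept, which inputs the specification says are echoed, and which role each page requires). Two generic vulnerability test patterns, one for reflected XSS and one for privilege escalation, are then instantiated from the model into concrete tests and executed. All names (SimApp, Transition, ROLE_RANK, the marker format) and the application's two planted defects are assumptions constructed for this example.

```python
"""Toy pattern-driven, model-based vulnerability testing (constructed example).

A behavioral model drives two generic test patterns. The model, not the
pattern, decides where to inject and what the expected functional outcome is,
which is what lets a generic pattern produce targeted tests and verdicts.
"""
import html
from dataclasses import dataclass


# --- Simulated application under test (constructed; two planted defects) ----
class SimApp:
    def __init__(self):
        self.session_role = "anonymous"

    def login(self, role):
        self.session_role = role

    def handle(self, page, params):
        """Return (status, body) for a request to `page` with `params`."""
        if page == "search":
            # Planted defect 1: `q` is echoed without escaping (reflected XSS).
            return 200, f"<p>Results for {params.get('q', '')}</p>"
        if page == "profile":
            if self.session_role == "anonymous":
                return 403, "forbidden"
            # Safe: `name` is escaped before being echoed.
            return 200, f"<p>Hello {html.escape(params.get('name', ''))}</p>"
        if page == "admin/delete_user":
            # Planted defect 2: the spec says admin only, the code only checks login.
            if self.session_role == "anonymous":
                return 403, "forbidden"
            return 200, "user deleted"
        if page == "admin/settings":
            if self.session_role != "admin":
                return 403, "forbidden"
            return 200, "settings"
        return 404, "not found"


# --- Behavioral model: functional facts the patterns are instantiated from --
@dataclass(frozen=True)
class Transition:
    page: str
    inputs: tuple          # parameter names the page accepts
    required_role: str     # minimal role according to the functional spec
    echoes: tuple = ()     # inputs the spec says are rendered back to the user


ROLE_RANK = {"anonymous": 0, "user": 1, "admin": 2}

MODEL = [
    Transition("search", ("q",), "anonymous", echoes=("q",)),
    Transition("profile", ("name",), "user", echoes=("name",)),
    Transition("admin/delete_user", ("uid",), "admin"),
    Transition("admin/settings", (), "admin"),
]


@dataclass(frozen=True)
class Verdict:
    pattern: str
    page: str
    detail: str


# --- Generic vulnerability test patterns ------------------------------------
def xss_pattern(model, app):
    """For every input the model marks as echoed, inject a unique marker and
    report it if the marker comes back byte-for-byte (i.e. unescaped)."""
    findings = []
    for t in model:
        for p in t.echoes:
            marker = f"<pmvt-{p}>"          # escaping would turn '<' into '&lt;'
            app.login(t.required_role)      # reach the page with a legitimate role
            _, body = app.handle(t.page, {p: marker})
            if marker in body:
                findings.append(Verdict("xss", t.page, f"{p!r} reflected unescaped"))
    return findings


def privesc_pattern(model, app):
    """For every transition, replay it with each role strictly below the one
    the model requires; the functional spec says these must be refused."""
    findings = []
    for t in model:
        need = ROLE_RANK[t.required_role]
        for role, rank in ROLE_RANK.items():
            if rank >= need:
                continue
            app.login(role)
            status, _ = app.handle(t.page, {p: "x" for p in t.inputs})
            if status == 200:
                findings.append(Verdict("privesc", t.page,
                                        f"{role!r} allowed, spec requires {t.required_role!r}"))
    return findings


def run_all(model, app):
    """Instantiate every pattern against the model and collect the verdicts."""
    return xss_pattern(model, app) + privesc_pattern(model, app)


if __name__ == "__main__":
    for v in run_all(MODEL, SimApp()):
        print(f"[{v.pattern}] {v.page}: {v.detail}")
```

Both patterns stay generic; the model supplies the page list, the parameters to target, and the expected functional outcome (escaped echo, refused access), so the verdict is grounded in the specification rather than in a signature. Tests of the same shape could target the remaining two vulnerability types once the model carries the relevant facts (state-changing transitions for CSRF, data-backed inputs for SQL injection).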