Automatic Web Security Unit Testing: XSS Vulnerability Detection
This addresses the need for early vulnerability detection in software development to reduce costs, though it is incremental as it builds on existing testing methods.
The paper tackles the problem of detecting Cross Site Scripting (XSS) vulnerabilities in web applications by automatically extracting encoding functions and generating attack strings, resulting in the detection of 0-day vulnerabilities that static analysis tools miss.
Integrating security testing into the workflow of software developers not only can save resources for separate security testing but also reduce the cost of fixing security vulnerabilities by detecting them early in the development cycle. We present an automatic testing approach to detect a common type of Cross Site Scripting (XSS) vulnerability caused by improper encoding of untrusted data. We automatically extract encoding functions used in a web application to sanitize untrusted inputs and then evaluate their effectiveness by automatically generating XSS attack strings. Our evaluations show that this technique can detect 0-day XSS vulnerabilities that cannot be found by static analysis tools. We will also show that our approach can efficiently cover a common type of XSS vulnerability. This approach can be generalized to test for input validation against other types injections such as command line injection.