Checking security properties of cloud service REST APIs

V Atlidakis, P Godefroid… - 2020 IEEE 13th …, 2020 - ieeexplore.ieee.org
Most modern cloud and web services are programmatically accessed through REST APIs.
This paper discusses how an attacker might compromise a service by exploiting …

RESTler: Stateful REST API fuzzing

V Atlidakis, P Godefroid… - 2019 IEEE/ACM 41st …, 2019 - ieeexplore.ieee.org
This paper introduces RESTler, the first stateful REST API fuzzer. RESTler analyzes the API
specification of a cloud service and generates sequences of requests that automatically test …

Intelligent REST API data fuzzing

P Godefroid, BY Huang, M Polishchuk - … of the 28th ACM joint meeting on …, 2020 - dl.acm.org
The cloud runs on REST APIs. In this paper, we study how to intelligently generate data
payloads embedded in REST API requests in order to find data-processing bugs in cloud …

QuickREST: Property-based test generation of OpenAPI-described RESTful APIs

S Karlsson, A Čaušević… - 2020 IEEE 13th …, 2020 - ieeexplore.ieee.org
RESTful APIs are an increasingly common way to expose software systems functionality and
it is therefore of high interest to find methods to automatically test and verify such APIs. To …

Mobile application web API reconnaissance: Web-to-mobile inconsistencies & vulnerabilities

A Mendoza, G Gu - 2018 IEEE Symposium on Security and …, 2018 - ieeexplore.ieee.org
Modern mobile apps use cloud-hosted HTTP-based API services and heavily rely on the
Internet infrastructure for data communication and storage. To improve performance and …

Testing RESTful APIs: A survey

A Golmohammadi, M Zhang, A Arcuri - ACM Transactions on Software …, 2023 - dl.acm.org
In industry, RESTful APIs are widely used to build modern Cloud Applications. Testing them
is challenging, because not only do they rely on network communications, but also they deal …

Differential regression testing for REST APIs

P Godefroid, D Lehmann, M Polishchuk - Proceedings of the 29th ACM …, 2020 - dl.acm.org
Cloud services are programmatically accessed through REST APIs. Since REST APIs are
constantly evolving, an important problem is how to prevent breaking changes of APIs, while …

On semantic detection of cloud API (anti) patterns

H Brabra, A Mtibaa, F Petrillo, P Merle, L Sliman… - Information and …, 2019 - Elsevier
Context: Open standards are urgently needed for enabling software interoperability in Cloud
Computing. Open Cloud Computing Interface (OCCI) provides a set of best design principles …

Towards better utilizing static application security testing

J Yang, L Tan, J Peyton, KA Duer - 2019 IEEE/ACM 41st …, 2019 - ieeexplore.ieee.org
Static application security testing (SAST) detects vulnerability warnings through static
program analysis. Fixing the vulnerability warnings tremendously improves software quality …

MINER: A Hybrid Data-Driven Approach for REST API Fuzzing

C Lyu, J Xu, S Ji, X Zhang, Q Wang, B Zhao… - 32nd USENIX Security …, 2023 - usenix.org
In recent years, REST API fuzzing has emerged to explore errors on a cloud service. Its
performance highly depends on the sequence construction and request generation …