Publicação
Combining static and dynamic analysis for the reverse engineering of web applications
| Resumo: | Software has become so complex that it is increasingly hard to have a complete understanding of how a particular system will behave. Web applications, their user interfaces in particular, are built with a wide variety of technologies making them particularly hard to debug and maintain. Reverse engineering techniques, either through static analysis of the code or dynamic analysis of the running application, can be used to help gain this understanding. Each type of technique has its limitations. With static analysis it is difficult to have good coverage of highly dynamic applications, while dynamic analysis faces problems with guaranteeing that generated models fully capture the behavior of the system. This paper proposes a new hybrid approach for the reverse engineering of web applications' user interfaces. The approach combines dynamic analyzes of the application at runtime, with static analyzes of the source code of the event handlers found during interaction. Information derived from the source code is both directly added to the generated models, and used to guide the dynamic analysis. |
|---|---|
| Autores principais: | Silva, Carlos Eduardo |
| Outros Autores: | Campos, J. Creissac |
| Assunto: | Static analysis Dynamic analysis Web applications |
| Ano: | 2013 |
| País: | Portugal |
| Tipo de documento: | comunicação em conferência |
| Tipo de acesso: | acesso aberto |
| Instituição associada: | Universidade do Minho |
| Idioma: | inglês |
| Origem: | RepositóriUM - Universidade do Minho |
Registos relacionados
groups phpSAFE: A Security Analysis Tool for OOP Web Application Plugins
por: Nunes, Paulo
Publicado em: (2016)
por: Nunes, Paulo
Publicado em: (2016)
article On Combining Diverse Static Analysis Tools for Web Security: An Empirical Study
por: Nunes, Paulo
Publicado em: (2018)
por: Nunes, Paulo
Publicado em: (2018)
school Blended Security Analysis for Web Applications: Techniques and Tools
por: Nunes, Paulo Jorge Costa
Publicado em: (2022)
por: Nunes, Paulo Jorge Costa
Publicado em: (2022)
school Static Analysis for Data-race detection in Java
por: Ferreira, Jorge Lopes
Publicado em: (2024)
por: Ferreira, Jorge Lopes
Publicado em: (2024)
book Perfomance based design of building structural frames using static non-linear analysis
por: Barros, Rui
Publicado em: (2010)
por: Barros, Rui
Publicado em: (2010)
article Profile detection through source code static analysis
por: Novais, Daniel
Publicado em: (2016)
por: Novais, Daniel
Publicado em: (2016)
article An Exploratory Study on Machine Learning to Combine Security Vulnerability Alerts from Static Analysis Tools
por: Pereira, Jose D'Abruzzo
Publicado em: (2019)
por: Pereira, Jose D'Abruzzo
Publicado em: (2019)
article Static analysis of composite and hybrid axisymmetric shells
por: Soares, Carlos A. Mota
Publicado em: (2025)
por: Soares, Carlos A. Mota
Publicado em: (2025)
article Machine Learning to Combine Static Analysis Alerts with Software Metrics to Detect Security Vulnerabilities: An Empirical Study
por: Pereira, Jose D'Abruzzo
Publicado em: (2021)
por: Pereira, Jose D'Abruzzo
Publicado em: (2021)
school Evaluation of Static Analysis Tools in Detecting OWASP Top 10 Vulnerabilities
por: Marçal, Inês Martins
Publicado em: (2024)
por: Marçal, Inês Martins
Publicado em: (2024)
article Seismic performance of confined versus unreinforced masonry buildings on hilly slopes using linear static and dynamic analysis approaches
por: Maheshwari, Rohit
Publicado em: (2023)
por: Maheshwari, Rohit
Publicado em: (2023)
school Static Verification of Cloud Applications with Why3
por: Meirim, Filipe Silva
Publicado em: (2019)
por: Meirim, Filipe Silva
Publicado em: (2019)
article Pressure sensors: working principles of static and dynamic calibration
por: Pereira, José Miguel Costa Dias
Publicado em: (2024)
por: Pereira, José Miguel Costa Dias
Publicado em: (2024)
article Static and dynamic load tests comparison considering load-energy level and soil non-linearity
por: Pereira, J. J. Gouveia
Publicado em: (2008)
por: Pereira, J. J. Gouveia
Publicado em: (2008)
school Framework for security assessments in web applications
por: Cruz, Dinis Barroqueiro
Publicado em: (2023)
por: Cruz, Dinis Barroqueiro
Publicado em: (2023)
school App Threat Analysis: Combining static analysis with users’ feedback to accelerate app store response to mobile threats
por: Fernandes, Ana Patrícia Nunes
Publicado em: (2018)
por: Fernandes, Ana Patrícia Nunes
Publicado em: (2018)
book Static and dynamic monitoring of Giovanni Pisano’s pulpit in Pistoia (Italy)
por: Marafini, Francesca
Publicado em: (2024)
por: Marafini, Francesca
Publicado em: (2024)
school Evaluation of dynamic analysis tools in detecting OWASP top 10 vulnerabilities
por: Silva, João Carlos Borges
Publicado em: (2024)
por: Silva, João Carlos Borges
Publicado em: (2024)
article Novel non-linear static numerical model for curved masonry structures based on a combined adaptive limit analysis and discrete FE computations
por: Scacco, Jacopo
Publicado em: (2022)
por: Scacco, Jacopo
Publicado em: (2022)
article Evaluation of the ductility demand in partial strength steel structures in seismic areas using non-linear static analysis
por: Nogueiro, Pedro
Publicado em: (2006)
por: Nogueiro, Pedro
Publicado em: (2006)
school Quantifying privacy of mobile applications
por: Marono, João Filipe Novêlo
Publicado em: (2023)
por: Marono, João Filipe Novêlo
Publicado em: (2023)
school Static and dynamic modelling for IGZO-TFT devices with high-k multilayer dielectric
por: Bhudia, Shiv Jyotindra
Publicado em: (2017)
por: Bhudia, Shiv Jyotindra
Publicado em: (2017)
article Phytoplankton production modelling in three marine ecosystems—static versus dynamic approach
por: Macedo, M. F.
Publicado em: (2006)
por: Macedo, M. F.
Publicado em: (2006)
school Optical network planning for static applications
por: Rodrigues, Carlos Jorge da Cruz
Publicado em: (2018)
por: Rodrigues, Carlos Jorge da Cruz
Publicado em: (2018)
article A symbolic simulator platform for the static analysis of thin plates
por: Costa, D. M. S.
Publicado em: (2016)
por: Costa, D. M. S.
Publicado em: (2016)
article The relationship between static and dynamic balance in active young adults
por: Gonçalves, Carla
Publicado em: (2022)
por: Gonçalves, Carla
Publicado em: (2022)
article On the analysis of masonry structures without box behavior
por: Lourenço, Paulo B.
Publicado em: (2011)
por: Lourenço, Paulo B.
Publicado em: (2011)
article Computational strategies for masonry structures : multi-scale modeling, dynamics, engineering applications and other challenges
por: Lourenço, Paulo B.
Publicado em: (2013)
por: Lourenço, Paulo B.
Publicado em: (2013)
school SMART: Static and Dynamic Analysis to Reverse Engineer Android Applications
por: Francisco Miguel Gouveia Serrão
Publicado em: (2021)
por: Francisco Miguel Gouveia Serrão
Publicado em: (2021)
article Assessing static and dynamic response variability due to parametric uncertainty on fibre-reinforced composites
por: Carvalho, Alda
Publicado em: (2018)
por: Carvalho, Alda
Publicado em: (2018)
article Assessment of the dynamic response of unreinforced masonry structures using a macroelement modeling approach
por: Chácara, César
Publicado em: (2018)
por: Chácara, César
Publicado em: (2018)
article Quasi-static and dynamic properties of the intervertebral disc: experimental study and model parameter determination for the porcine lumbar motion segment
por: Araújo, Ângelo Rafael Gomes
Publicado em: (2015)
por: Araújo, Ângelo Rafael Gomes
Publicado em: (2015)
article Pushover seismic analysis of quasi-static tested confined masonry buildings through simplified model
por: Marques, Rui Filipe Pedreira
Publicado em: (2012)
por: Marques, Rui Filipe Pedreira
Publicado em: (2012)
school Design and finite element analysis of formula student braking system
por: Sweed, Emad Mazen
Publicado em: (2021)
por: Sweed, Emad Mazen
Publicado em: (2021)
article Web applications security and vulnerability analysis financial web applications security audit – a case study
por: Vieira, T.
Publicado em: (2016)
por: Vieira, T.
Publicado em: (2016)
article Static-Time extraction and analysis of the ROS computation graph
por: Santos, André Fernandes
Publicado em: (2019)
por: Santos, André Fernandes
Publicado em: (2019)
school Determination of the material/geometry of the section most adequate for a static loaded beam subjected to a combination of bending and torsion
por: Silva, Hugo Miguel
Publicado em: (2011)
por: Silva, Hugo Miguel
Publicado em: (2011)
school Static detection of anomalies in transactional memory programs
por: Teixeira, Bruno Cavaca
Publicado em: (2010)
por: Teixeira, Bruno Cavaca
Publicado em: (2010)
book Evaluating the [In]security of Web Applications
por: Fonseca, José Carlos
Publicado em: (2016)
por: Fonseca, José Carlos
Publicado em: (2016)
article Determination of material/geometry of the section most adequate for a static loaded beam subjected to a combination of bending and torsion
por: Silva, Hugo Miguel
Publicado em: (2013)
por: Silva, Hugo Miguel
Publicado em: (2013)
Registos relacionados
-
groups phpSAFE: A Security Analysis Tool for OOP Web Application Plugins
por: Nunes, Paulo
Publicado em: (2016) -
article On Combining Diverse Static Analysis Tools for Web Security: An Empirical Study
por: Nunes, Paulo
Publicado em: (2018) -
school Blended Security Analysis for Web Applications: Techniques and Tools
por: Nunes, Paulo Jorge Costa
Publicado em: (2022) -
school Static Analysis for Data-race detection in Java
por: Ferreira, Jorge Lopes
Publicado em: (2024) -
book Perfomance based design of building structural frames using static non-linear analysis
por: Barros, Rui
Publicado em: (2010)