Please use this identifier to cite or link to this item:
Title: Realistic traffic generation for efficient web application fuzzing
Authors: Duan, Yiting
Keywords: Engineering::Computer science and engineering::Software::Software engineering
Issue Date: 2022
Publisher: Nanyang Technological University
Source: Duan, Y. (2022). Realistic traffic generation for efficient web application fuzzing. Final Year Project (FYP), Nanyang Technological University, Singapore.
Project: SCSE21-0225 
Abstract: Black-box API testing is a common way to locate reliability and security bugs in closed-source RESTful services. Such testing technique relies heavily on the OpenAPI specification of the RESTful services, which are often not provided. Therefore, a prototype tool was developed to generate OpenAPI specification of a target RESTful service by processing its traffic. Previously, the traffic fed into the formatter tool was manually generated by interacting with the target service by a real user. In this project, we use Selenium, an automated web testing framework to generate such traffic in a reliable and efficient way. Meanwhile, we offer a significant improvement to the current formatter by supporting path parameter identification. Lastly, we evaluate the quality between manually written OpenAPI specification by examining the source code, and the quality of generated specification by processing its traffic.
Schools: School of Computer Science and Engineering 
Fulltext Permission: restricted
Fulltext Availability: With Fulltext
Appears in Collections:SCSE Student Reports (FYP/IA/PA/PI)

Files in This Item:
File Description SizeFormat 
  Restricted Access
1.86 MBAdobe PDFView/Open

Page view(s)

Updated on Nov 29, 2023


Updated on Nov 29, 2023

Google ScholarTM


Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.