English
Related papers

Related papers: REST API Fuzzing by Coverage Level Guided Blackbox…

200 papers

Software's pervasive impact and increasing reliance in the era of digital transformation raise concerns about vulnerabilities, emphasizing the need for software security. Fuzzy testing is a dynamic analysis software testing technique that…

Software Engineering · Computer Science 2024-07-22 Tiago Dias , Eva Maia , Isabel Praça

Many business processes currently depend on web services, often using REST APIs for communication. REST APIs expose web service functionality through endpoints, allowing easy client interaction over the Internet. To reduce the security risk…

Software Engineering · Computer Science 2026-03-26 Thomas Rooijakkers , Anne Nijsten , Cristian Daniele , Erieke Weitenberg , Ringo Groenewegen , Arthur Melissen

Nowadays, web services play a major role in the development of enterprise applications. Many such applications are now developed using a service-oriented architecture (SOA), where microservices is one of its most popular kind. A RESTful web…

Software Engineering · Computer Science 2019-01-08 Andrea Arcuri

Test flakiness is a common problem in industry, which hinders the reliability of automated build and testing workflows. Most existing research on test flakiness has primarily focused on unit and small-scale integration tests. In contrast,…

Software Engineering · Computer Science 2026-03-31 Man Zhang , Chongyang Shen , Andrea Arcuri , Tao Yue

RESTful APIs are a type of web services that are widely used in industry. In the last few years, a lot of effort in the research community has been spent in designing novel techniques to automatically fuzz those APIs to find faults in them.…

Software Engineering · Computer Science 2022-07-11 Man Zhang , Andrea Arcuri

RESTful APIs are arguably the most popular endpoints for accessing Web services. Blackbox testing is one of the emerging techniques for ensuring the reliability of RESTful APIs. The major challenge in testing RESTful APIs is the need for…

Software Engineering · Computer Science 2022-06-28 Yi Liu , Yuekang Li , Gelei Deng , Yang Liu , Ruiyuan Wan , Runchao Wu , Dandan Ji , Shiheng Xu , Minli Bao

Due to their widespread use in industry, several techniques have been proposed in the literature to fuzz REST APIs. Existing fuzzers for REST APIs have been focusing on detecting crashes (e.g., 500 HTTP server error status code). However,…

Software Engineering · Computer Science 2026-04-02 Omur Sahin , Man Zhang , Andrea Arcuri

In RESTful APIs, interactions with a database are a common and crucial aspect. When generating whitebox tests, it is essential to consider the database's state (i.e., the data contained in the database) to achieve higher code coverage and…

Software Engineering · Computer Science 2025-07-29 Hernan Ghianni , Man Zhang , Juan P. Galeotti , Andrea Arcuri

In literature, we can find research tools to automatically generate test cases for RESTful APIs, addressing the specificity of this particular programming domain. However, no direct comparison of these tools is available to guide developers…

Software Engineering · Computer Science 2021-08-19 Davide Corradini , Amedeo Zampieri , Michele Pasqua , Mariano Ceccato

Due to its importance and widespread use in industry, automated testing of REST APIs has attracted major interest from the research community in the last few years. However, most of the work in the literature has been focused on black-box…

Software Engineering · Computer Science 2023-09-18 Andrea Arcuri , Man Zhang , Juan Pablo Galeotti

Test coverage is a standard measure used to evaluate the completeness of a test suite. Coverage is typically computed on source code, by assessing the extent of source code entities (e.g., statements, data dependencies, control…

Software Engineering · Computer Science 2021-08-19 Davide Corradini , Amedeo Zampieri , Michele Pasqua , Mariano Ceccato

In industry, RESTful APIs are widely used to build modern Cloud Applications. Testing them is challenging, because not only they rely on network communications, but also they deal with external services like databases. Therefore, there has…

Software Engineering · Computer Science 2023-01-02 Amid Golmohammadi , Man Zhang , Andrea Arcuri

Automatically crafting test scenarios for REST APIs helps deliver more reliable and trustworthy web-oriented systems. However, current black-box testing approaches rely heavily on the information available in the API's formal documentation,…

Software Engineering · Computer Science 2024-08-19 Davide Corradini , Zeno Montolli , Michele Pasqua , Mariano Ceccato

Mass assignment is one of the most prominent vulnerabilities in RESTful APIs. This vulnerability originates from a misconfiguration in common web frameworks, such that naming convention and automatic binding can be exploited by an attacker…

Cryptography and Security · Computer Science 2023-01-04 Davide Corradini , Michele Pasqua , Mariano Ceccato

Modern web services routinely provide REST APIs for clients to access their functionality. These APIs present unique challenges and opportunities for automated testing, driving the recent development of many techniques and tools that…

Software Engineering · Computer Science 2022-09-08 Myeongsoo Kim , Qi Xin , Saurabh Sinha , Alessandro Orso

REST (Representational State Transfer) APIs have become integral for data communication and exchange due to their simplicity, scalability, and compatibility with web standards. However, ensuring REST APIs' reliability through rigorous…

Software Engineering · Computer Science 2024-10-22 Tien-Quang Nguyen , Nghia-Hieu Cong , Ngoc-Minh Quach , Hieu Dinh Vo , Son Nguyen

Representational state transfer (REST) is a widely employed architecture by web applications and cloud. Users can invoke such services according to the specification of their application interfaces, namely RESTful APIs. Existing approaches…

Software Engineering · Computer Science 2022-03-08 Jiaxian Lin , Tianyu Li , Yang Chen , Guangsheng Wei , Jiadong Lin , Sen Zhang , Hui Xu

Fuzz Testing is a well-studied area in the field of Software Maintenance and Evolution. In recent years, coverage-based Greybox fuzz testing has gained immense attention by discovering critical security level and show-stopper bugs in…

Software Engineering · Computer Science 2019-07-29 Animesh Basak Chowdhury

A common way of exposing functionality in contemporary systems is by providing a Web-API based on the REST API architectural guidelines. To describe REST APIs, the industry standard is currently OpenAPI-specifications. Test generation and…

Software Engineering · Computer Science 2023-10-27 Stefan Karlsson , Robbert Jongeling , Adnan Causevic , Daniel Sundmark

This paper introduces Pythia, the first fuzzer that augments grammar-based fuzzing with coverage-guided feedback and a learning-based mutation strategy for stateful REST API fuzzing. Pythia uses a statistical model to learn common usage…

Software Engineering · Computer Science 2020-05-26 Vaggelis Atlidakis , Roxana Geambasu , Patrice Godefroid , Marina Polishchuk , Baishakhi Ray
‹ Prev 1 2 3 10 Next ›