English
Related papers

Related papers: Mining REST APIs for Potential Mass Assignment Vul…

200 papers

Mass assignment is one of the most prominent vulnerabilities in RESTful APIs. This vulnerability originates from a misconfiguration in common web frameworks, such that naming convention and automatic binding can be exploited by an attacker…

Cryptography and Security · Computer Science 2023-01-04 Davide Corradini , Michele Pasqua , Mariano Ceccato

Modern web services increasingly rely on REST APIs. Effectively testing these APIs is challenging due to the vast search space to be explored, which involves selecting API operations for sequence creation, choosing parameters for each…

Software Engineering · Computer Science 2023-09-12 Myeongsoo Kim , Saurabh Sinha , Alessandro Orso

Modern web services routinely provide REST APIs for clients to access their functionality. These APIs present unique challenges and opportunities for automated testing, driving the recent development of many techniques and tools that…

Software Engineering · Computer Science 2022-09-08 Myeongsoo Kim , Qi Xin , Saurabh Sinha , Alessandro Orso

In industry, RESTful APIs are widely used to build modern Cloud Applications. Testing them is challenging, because not only they rely on network communications, but also they deal with external services like databases. Therefore, there has…

Software Engineering · Computer Science 2023-01-02 Amid Golmohammadi , Man Zhang , Andrea Arcuri

We present AuthREST, an open-source security testing tool targeting broken authentication, one of the most prevalent API security risks in the wild. AuthREST automatically tests web APIs for credential stuffing, password brute forcing, and…

Cryptography and Security · Computer Science 2025-09-15 Davide Corradini , Mariano Ceccato , Mohammad Ghafari

RESTful APIs are arguably the most popular endpoints for accessing Web services. Blackbox testing is one of the emerging techniques for ensuring the reliability of RESTful APIs. The major challenge in testing RESTful APIs is the need for…

Software Engineering · Computer Science 2022-06-28 Yi Liu , Yuekang Li , Gelei Deng , Yang Liu , Ruiyuan Wan , Runchao Wu , Dandan Ji , Shiheng Xu , Minli Bao

The focus of this paper is on automating the security testing of RESTful APIs. The testing stage of this specific kind of components is often performed manually, and this is yet considered as a long and difficult activity. This paper…

Cryptography and Security · Computer Science 2024-03-07 Sebastien Salva , Jarod Sue

RESTful APIs are a type of web services that are widely used in industry. In the last few years, a lot of effort in the research community has been spent in designing novel techniques to automatically fuzz those APIs to find faults in them.…

Software Engineering · Computer Science 2022-07-11 Man Zhang , Andrea Arcuri

REST is today's most widely used architectural style for providing web-based services. In the age of service-orientation (a.k.a. Software as a Service (SaaS)) APIs have become core business assets and can easily expose hundreds of…

Software Engineering · Computer Science 2026-01-26 Sven Peldszus , Jan Rutenkolk , Marcel Heide , Jan Sollmann , Benjamin Klatt , Frank Köhne , Thorsten Berger

Nowadays, web services play a major role in the development of enterprise applications. Many such applications are now developed using a service-oriented architecture (SOA), where microservices is one of its most popular kind. A RESTful web…

Software Engineering · Computer Science 2019-01-08 Andrea Arcuri

Security Application Programming Interfaces (APIs) are crucial for ensuring software security. However, their misuse introduces vulnerabilities, potentially leading to severe data breaches and substantial financial loss. Complex API design,…

Cryptography and Security · Computer Science 2025-05-15 Zahra Mousavi , Chadni Islam , M. Ali Babar , Alsharif Abuadbba , Kristen Moore

A common way of exposing functionality in contemporary systems is by providing a Web-API based on the REST API architectural guidelines. To describe REST APIs, the industry standard is currently OpenAPI-specifications. Test generation and…

Software Engineering · Computer Science 2023-10-27 Stefan Karlsson , Robbert Jongeling , Adnan Causevic , Daniel Sundmark

Test coverage is a standard measure used to evaluate the completeness of a test suite. Coverage is typically computed on source code, by assessing the extent of source code entities (e.g., statements, data dependencies, control…

Software Engineering · Computer Science 2021-08-19 Davide Corradini , Amedeo Zampieri , Michele Pasqua , Mariano Ceccato

REST (Representational State Transfer) APIs have become integral for data communication and exchange due to their simplicity, scalability, and compatibility with web standards. However, ensuring REST APIs' reliability through rigorous…

Software Engineering · Computer Science 2024-10-22 Tien-Quang Nguyen , Nghia-Hieu Cong , Ngoc-Minh Quach , Hieu Dinh Vo , Son Nguyen

Application programming interfaces (APIs) have become a central part of the modern IT environment, allowing developers to enrich the functionality of applications and interact with third parties such as cloud and payment providers. This…

Cryptography and Security · Computer Science 2026-03-17 Nurullah Demir , Yash Vekaria , Georgios Smaragdakis , Zakir Durumeric

REST APIs have become key components of web services. However, they often contain logic flaws resulting in server side errors or security vulnerabilities. HTTP requests are used as test cases to find and mitigate such issues. Existing…

Software Engineering · Computer Science 2024-12-23 Myles Foley , Sergio Maffeis

Automatically crafting test scenarios for REST APIs helps deliver more reliable and trustworthy web-oriented systems. However, current black-box testing approaches rely heavily on the information available in the API's formal documentation,…

Software Engineering · Computer Science 2024-08-19 Davide Corradini , Zeno Montolli , Michele Pasqua , Mariano Ceccato

REST APIs enable collaboration among microservices. A single fault in a REST API can bring down the entire microservice system and cause significant financial losses, underscoring the importance of REST API testing. Effectively testing REST…

Software Engineering · Computer Science 2026-04-10 Ding Yang , Ruixiang Qian , Zhao Wei , Zhenyu Chen , Chunrong Fang

Healthcare Internet of Things (IoT) applications require rigorous testing to ensure their dependability. Such applications are typically integrated with various third-party healthcare applications and medical devices through REST APIs. This…

Software Engineering · Computer Science 2023-09-11 Hassan Sartaj , Shaukat Ali , Tao Yue , Kjetil Moberg

With the growth of web applications, REST APIs have become the primary communication method between services. In order to ensure system reliability and security, software quality can be assured by effective testing methods. Black box fuzz…

Software Engineering · Computer Science 2022-01-03 Chung-Hsuan Tsai , Shi-Chun Tsai , Shih-Kun Huang
‹ Prev 1 2 3 10 Next ›