Logo Politecnico di Torino
ITEN
WebThesis

Improving Static Application Security Testing for JavaScript via Testability Patterns

Giulia Clerici

Improving Static Application Security Testing for JavaScript via Testability Patterns.

Rel. Riccardo Sisto. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2021

Abstract

Web applications nowadays are present in different domains, from configuration panels of IT devices to the core of large scale enterprise system and are so used by millions of users everyday. Therefore, security plays a key role in their development and use. The purpose of this internship is to understand how web applications programming language particularities impact on the outcomes of Static Application Security Testing (SAST) tools to scan web applications code to figure out vulnerabilities, by producing a series of patterns. This thesis work is focused on JavaScript (JS) language, which is one of the most used today for the development of web applications.

Indeed, some language peculiarities could influence the outcome of the analysis performed by the tools, thus generating false positives (FP) and false negatives (FN) results

Relatori

Riccardo Sisto

Anno Accademico

2020/21

Tipo di pubblicazione

Elettronica

Numero di pagine

102

Informazioni aggiuntive

Tesi secretata. Fulltext non presente

Corso di laurea

Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)

Classe di laurea

Nuovo ordinamento > Laurea magistrale > LM-32 - INGEGNERIA INFORMATICA

Ente in cotutela

TELECOM ParisTech - EURECOM (FRANCIA)

Aziende collaboratrici

SAP Labs France

URI

https://webthesis.biblio.polito.it/id/eprint/18129
Modifica (riservato agli operatori) Modifica (riservato agli operatori)
Logo Politecnico di Torino