Development of a concept and tools for modeling web application testing processes using fuzzing using dynamic Bayesian networks

Ensuring the sustainability of web applications with respect to various security threats plays a crucial role in the development of modern information support technologies for industrial enterprises, financial structures and service organizations. This explains the high relevance of the development of new scientifically sound effective computational methods, algorithms and problem-oriented programs for testing web applications with a complex functional structure of internal and external interaction, which implement the capabilities of streaming data generated from the results of each of the test steps, and the application of the results in the process of managing the testing of web applications. The article describes the concept of modeling testing processes, research of the obtained models and development of analysis and prediction algorithms, based on a formalized apparatus of dynamic Bayesian networks. The Bayesian models proposed in the paper, built on the basis of statistical training, help to determine time relationships for each of the parameters determined during the test procedure, provide the opportunity to predict test results by performing simulations using probabilistic inference methods.

1. Adebiyi A.A., Arreymbi J., Imafidon C. Neural network based security tool for analyzing software. Advances in Information and Communication Technology. 2013;80–87.

2. Zegzhda P.D., Kort S.S., Suprun A.F. Detection of anomalies in behavior of the software with usage of Markov chains Automatic Control and Computer Sciences. 2015;820–825.

3. Kotenko I.V., Chichulin А.V. Primenenie grafov atak dlya ocenki zaschischennosti kompyuternyh setej i analiza sobytij bezopasnosti. Sistemy vysokoj dostupnosti. 2013;103–110. (In Russ.).

4. Beizer B. Black Box testing. Spb, Piter; 2004. 321 p. (In Russ.).

5. Korb K.B., Nicholson A.E. Bayesian Artificial Intelligence. Boca Raton, CRC Press; 2004. 491 p.

6. Polukhin P.V. Instrumenty optimizacii mnogochastichnogo filtra dlya veroyatnostnyh modelej dinamicheskih sistem. Sistemy upravleniya i informacionnye tehnologii. 2021;4–10. (In Russ).

7. Chickering D.M. Optimal structure identification with greedy search. Journal of Machine Learning Research. 2002;507–554.

8. Pearl J. Causality: Models, Reasoning and Inference. N.Y., Cambridge University Press; 2009. 484 p.

9. Tulupev A.L., Sirotkin A.V., Nikolenko S.I. Bajesovskie seti logiko-veroyatnostnyj podhod. Saint Petersburgh, Izdatelstvo SPBGU; 2009. 400 p. (In Russ).

10. Koller D., Friedman N. Probabilistic graphical models. Principles and Techniques. Cambridge, MIT Press; 2009. 1231 p.

11. Russel S., Norvig P. Artificial intelligence a modern approach. N.J., Pearson; 2009. 484 p.

12. Lemain E. Proverka statisticheskih gipotez. Moscow, Nauka; 1987. 408 p. (In Russ.).