-
Mining REST APIs for Potential Mass Assignment Vulnerabilities
Authors:
Arash Mazidi,
Davide Corradini,
Mohammad Ghafari
Abstract:
REST APIs have a pivotal role in accessing protected resources. Despite the availability of security testing tools, mass assignment vulnerabilities are common in REST APIs, leading to unauthorized manipulation of sensitive data. We propose a lightweight approach to mine the REST API specifications and identify operations and attributes that are prone to mass assignment. We conducted a preliminary study on 100 APIs and found 25 prone to this vulnerability. We confirmed nine real vulnerable operations in six APIs.
Submitted 4 May, 2024; v1 submitted 2 May, 2024;
originally announced May 2024.
-
Automated Black-box Testing of Mass Assignment Vulnerabilities in RESTful APIs
Authors:
Davide Corradini,
Michele Pasqua,
Mariano Ceccato
Abstract:
Mass assignment is one of the most prominent vulnerabilities in RESTful APIs. This vulnerability originates from a misconfiguration in common web frameworks, such that naming conventions and automatic binding can be exploited by an attacker to craft malicious requests that write confidential resources and (massively) override data that should be read-only and/or confidential. In this paper, we adopt a black-box testing perspective to automatically detect mass assignment vulnerabilities in RESTful APIs. Execution scenarios are generated purely from the OpenAPI specification, which lists the available operations and their message formats. Clustering is used to group similar operations and reveal read-only fields; the latter are candidates for mass assignment. Then, interaction sequences are automatically generated by instantiating abstract testing templates, trying to exploit the potential vulnerabilities. Finally, test cases are run, and their execution is assessed by a specific oracle, in order to reveal whether the vulnerability could be successfully exploited. The proposed novel approach has been implemented and evaluated on a set of case studies written in different programming languages. The evaluation highlights that the approach is quite effective in detecting seeded vulnerabilities, with a remarkably high accuracy.
Submitted 3 January, 2023;
originally announced January 2023.
-
Restats: A Test Coverage Tool for RESTful APIs
Authors:
Davide Corradini,
Amedeo Zampieri,
Michele Pasqua,
Mariano Ceccato
Abstract:
Test coverage is a standard measure used to evaluate the completeness of a test suite. Coverage is typically computed on source code, by assessing the extent of source code entities (e.g., statements, data dependencies, control dependencies) that are exercised when running test cases. When considering REST APIs, an alternative perspective to assess test suite completeness is with respect to the service definition. This paper presents Restats, a test coverage tool for REST APIs that supports eight state-of-the-art test coverage metrics with a black-box perspective, i.e., only relying on the OpenAPI interface specification of the REST API under test. In fact, metrics are computed by only observing the HTTP requests and responses occurring at testing time, and no access to source/compiled code of the REST API is required. These coverage metrics come in handy for: (i) developers and test engineers working at development and maintenance tasks; (ii) stakeholders and customers who want to evaluate the completeness of acceptance tests; (iii) researchers interested in comparing different automated test case generation strategies.
Submitted 18 August, 2021;
originally announced August 2021.
-
Empirical Comparison of Black-box Test Case Generation Tools for RESTful APIs
Authors:
Davide Corradini,
Amedeo Zampieri,
Michele Pasqua,
Mariano Ceccato
Abstract:
In the literature, we can find research tools to automatically generate test cases for RESTful APIs, addressing the specificity of this particular programming domain. However, no direct comparison of these tools is available to guide developers in deciding which tool best fits their REST API project. In this paper, we present the results of an empirical comparison of automated black-box test case generation approaches for REST APIs. We surveyed the available black-box testing tools that have been proposed in recent literature, finding four usable prototypes: RestTestGen, RESTler, bBOXRT and RESTest. We used these tools to generate test cases for 14 real-world REST services. Then, testing results were analyzed and compared in terms of robustness (i.e., success rate) and test coverage. Among the considered tools, RESTler appears to be the most solid, able to successfully test all case studies (the other tools experienced crashes). Conversely, test cases generated by RestTestGen scored the highest coverage, suggesting that its testing strategy is the most effective in testing REST APIs.
Submitted 18 August, 2021;
originally announced August 2021.
-
A Framework for In-Vivo Testing of Mobile Applications
Authors:
Mariano Ceccato,
Davide Corradini,
Luca Gazzola,
Fitsum Meshesha Kifetew,
Leonardo Mariani,
Matteo Orrù,
Paolo Tonella
Abstract:
The ecosystem in which mobile applications run is highly heterogeneous and configurable. All layers upon which mobile apps are built offer wide possibilities of variations, from the device and the hardware, to the operating system and middleware, up to the user preferences and settings. Testing all possible configurations exhaustively, before releasing the app, is unaffordable. As a consequence, the app may exhibit different, including faulty, behaviours when executed in the field, under specific configurations. In this paper, we describe a framework that can be instantiated to support in-vivo testing of a mobile app. The framework monitors the configuration in the field and triggers in-vivo testing when an untested configuration is recognized. Experimental results show that the overhead introduced by monitoring is unnoticeable to negligible (i.e., 0-6%) depending on the device being used (high- vs. low-end). In-vivo test execution required on average 3s: if performed upon screen lock activation, it introduces just a slight delay before locking the device.
Submitted 5 February, 2020;
originally announced February 2020.
-
Insight into the Li$_2$CO$_3$-K$_2$CO$_3$ eutectic mixture from classical molecular dynamics: thermodynamics, structure and dynamics
Authors:
Dario Corradini,
François-Xavier Coudert,
Rodolphe Vuilleumier
Abstract:
In this work, we use molecular dynamics simulations to study the thermodynamics, structure and dynamics of the Li$_2$CO$_3$-K$_2$CO$_3$ (62:38 mol%) eutectic mixture. We present a new classical non-polarizable force field for this molten salt mixture, optimized using experimental and first principles molecular dynamics simulations as reference data. This simple force field allows efficient molecular simulations of phenomena at long timescales. We use this optimized force field to describe the behavior of the eutectic mixture in the 900-1100 K temperature range, at pressures between 0 and 5 GPa. After studying the equation of state in these thermodynamic conditions, we present molecular insight into the structure and dynamics of the melt. In particular, we present an analysis of the temperature and pressure dependence of the eutectic mixture's self-diffusion coefficients, viscosity and ionic conductivity.
Submitted 16 March, 2016; v1 submitted 28 December, 2015;
originally announced December 2015.
-
Tuning the Electronic Structure of Anatase Through Fluorination
Authors:
Dario Corradini,
Damien Dambournet,
Mathieu Salanne
Abstract:
A highly fluorinated anatase lattice has been recently reported, providing a new class of materials whose general chemical formula is $\rm Ti_{1- \mathit x}\square_{\mathit x}X_{4\mathit x}O_{2- 4\mathit x}$ (X$^-$ = F$^-$ or OH$^-$). To characterise the complex structural features of the material and the different F environments, we here apply a computational screening procedure. After deriving a polarisable force field from DFT simulations, we screen in a step-wise fashion a large number of possible configurations differing in the positioning of the titanium vacancies ($\square$) and of the fluorine atoms. At each step only 10% of the configurations are retained. At the end of the screening procedure, a configuration is selected and simulated using DFT-based molecular dynamics. This allows us to analyse the atomic structure of the material, which is strongly disordered, leading to a strong decrease (by 0.8 eV) of the band gap compared to conventional anatase.
Submitted 26 May, 2015; v1 submitted 21 March, 2014;
originally announced March 2014.
-
Prediction of the thermophysical properties of molten salt fast reactor fuel from first-principles
Authors:
A. E. Gheribi,
D. Corradini,
L. Dewan,
P. Chartrand,
C. Simon,
P. A. Madden,
M. Salanne
Abstract:
Molten fluorides are known to show favorable thermophysical properties which make them good candidate coolants for nuclear fission reactors. Here we investigate the special case of mixtures of lithium fluoride and thorium fluoride, which act both as coolant and fuel in the molten salt fast reactor concept. By using ab initio parameterized polarizable force fields, we show that it is possible to calculate the whole set of properties (density, thermal expansion, heat capacity, viscosity and thermal conductivity) which are necessary for assessing the heat transfer performance of the melt over the whole range of compositions and temperatures. We then deduce from our calculations several figures of merit which are important in helping the optimization of the design of molten salt fast reactors.
Submitted 18 February, 2014;
originally announced February 2014.
-
Effect of dispersion interactions on the properties of LiF in condensed phases
Authors:
Dario Corradini,
Dario Marrocchelli,
Paul A. Madden,
Mathieu Salanne
Abstract:
Classical molecular dynamics simulations are performed on LiF in the framework of the polarizable ion model. The overlap-repulsion and polarization terms of the interaction potential are derived on a purely non-empirical, first-principles basis. For the dispersion, three cases are considered: a first one in which the dispersion parameters are set to zero and two others in which they are included, with different parameterizations. Various thermodynamic, structural and dynamic properties are calculated for the solid and liquid phases. The melting temperature is also obtained by direct coexistence simulations of the liquid and solid phases. Dispersion interactions appear to have an important effect on the density of both phases and on the melting point, although the liquid properties are not affected when simulations are performed in the NVT ensemble at the experimental density.
Submitted 17 February, 2014;
originally announced February 2014.
-
Fragile to strong crossover coupled to liquid-liquid transition in hydrophobic solutions
Authors:
D. Corradini,
P. Gallo,
S. V. Buldyrev,
H. E. Stanley
Abstract:
Using discrete molecular dynamics simulations we study the relation between the thermodynamic and diffusive behaviors of a primitive model of aqueous solutions of hydrophobic solutes consisting of hard spheres in the Jagla particles solvent, close to the liquid-liquid critical point of the solvent. We find that the fragile-to-strong dynamic transition in the diffusive behavior is always coupled to the low-density/high-density liquid transition. Above the liquid-liquid critical pressure, the diffusivity crossover occurs at the Widom line, the line along which the thermodynamic response functions show maxima. Below the liquid-liquid critical pressure, the diffusivity crossover occurs when the limit of mechanical stability lines are crossed, as indicated by the hysteresis observed when going from high to low temperature and vice versa. These findings show that the strong connection between dynamics and thermodynamics found in bulk water persists in hydrophobic solutions for concentrations from low to moderate, indicating that experiments measuring the relaxation time in aqueous solutions represent a viable route for solving the open questions in the field of supercooled water.
Submitted 7 May, 2012; v1 submitted 30 March, 2012;
originally announced April 2012.
-
Structural Properties of High and Low Density Water in a Supercooled Aqueous Solution of Salt
Authors:
D. Corradini,
M. Rovere,
P. Gallo
Abstract:
We consider and compare the structural properties of bulk TIP4P water and of a sodium chloride aqueous solution in TIP4P water with concentration c = 0.67 mol/kg, in the metastable supercooled region. In a previous paper [D. Corradini, M. Rovere and P. Gallo, J. Chem. Phys. 132, 134508 (2010)] we found in both systems the presence of a liquid-liquid critical point (LLCP). The LLCP is believed to be the end point of the coexistence line between a high density liquid (HDL) and a low density liquid (LDL) phase of water. In the present paper we study the different features of water-water structure in HDL and LDL both in bulk water and in the solution. We find that the ions are able to modify the bulk LDL structure, rendering water-water structure more similar to the bulk HDL case. By the study of the hydration structure in HDL and LDL, a possible mechanism for the modification of the bulk LDL structure in the solution is identified in the substitution of the oxygen by the chloride ion in oxygen coordination shells.
Submitted 27 January, 2011;
originally announced January 2011.
-
Effect of hydrophobic solutes on the liquid-liquid critical point
Authors:
Dario Corradini,
Sergey V. Buldyrev,
Paola Gallo,
H. Eugene Stanley
Abstract:
Jagla ramp particles, interacting through a ramp potential with two characteristic length scales, are known to show in their bulk phase thermodynamic and dynamic anomalies, similar to what is found in water. Jagla particles also exhibit a line of phase transitions separating a low density liquid phase and a high density liquid phase, terminating in a liquid-liquid critical point in a region of the phase diagram that can be studied by simulations. Employing molecular dynamics computer simulations, we study the thermodynamics and the dynamics of solutions of hard spheres (HS) in a solvent formed by Jagla ramp particles. We consider the cases of HS mole fraction x = 0.10, 0.15 and 0.20, and also the case x = 0.50 (a 1:1 mixture of HS and Jagla particles). We find a liquid-liquid critical point, up to the highest HS mole fraction; its position shifts to higher pressures and lower temperatures upon increasing x. We also find that the diffusion coefficient anomalies appear to be preserved for all the mole fractions studied.
Submitted 21 June, 2010;
originally announced June 2010.
-
A route to explain water anomalies from results on an aqueous solution of salt
Authors:
D. Corradini,
M. Rovere,
P. Gallo
Abstract:
In this paper we investigate the possibility to detect the hypothesized liquid-liquid critical point of water in supercooled aqueous solutions of salts. Molecular dynamics computer simulations are conducted on bulk TIP4P water and on an aqueous solution of sodium chloride in TIP4P water, with concentration c = 0.67 mol/kg. The liquid-liquid critical point is found both in the bulk and in the solution. Its position in the thermodynamic plane shifts to higher temperature and lower pressure for the solution. Comparison with available experimental data allowed us to produce the phase diagrams of both bulk water and the aqueous solution as measurable in experiments. Given the position of the liquid-liquid critical point in the solution as obtained from our simulations, the experimental determination of the hypothesized liquid-liquid critical point of water in aqueous solutions of salts appears possible.
Submitted 26 March, 2010;
originally announced March 2010.
-
Effect of concentration on the thermodynamics of sodium chloride aqueous solutions in the supercooled regime
Authors:
D. Corradini,
P. Gallo,
M. Rovere
Abstract:
Molecular Dynamics simulations are performed on two sodium chloride solutions in TIP4P water with concentrations c=1.36 mol/kg and c=2.10 mol/kg upon supercooling. The isotherms and isochores planes are calculated. The temperature of maximum density line and the limit of mechanical stability line are obtained from the analysis of the thermodynamic planes. The comparison of the results shows that for densities well above the limit of mechanical stability, the isotherms and isochores of the sodium chloride aqueous solution shift to lower pressures upon increasing concentration while the limit of mechanical stability is very similar to that of bulk water for both concentrations. We also find that the temperature of maximum density line shifts to lower pressures and temperatures upon increasing concentration. Indications of the presence of a liquid-liquid coexistence are found for both concentrations.
Submitted 23 March, 2009;
originally announced March 2009.
-
Thermodynamic behaviour and structural properties of an aqueous sodium chloride solution upon supercooling
Authors:
D. Corradini,
P. Gallo,
M. Rovere
Abstract:
We present the results of a molecular dynamics simulation study of thermodynamic and structural properties upon supercooling of a low concentration sodium chloride solution in TIP4P water and the comparison with the corresponding bulk quantities. We study the isotherms and the isochores for both the aqueous solution and bulk water. The comparison of the phase diagrams shows that thermodynamic properties of the solution are not merely shifted with respect to the bulk. Moreover, from the analysis of the thermodynamic curves, both the spinodal line and the temperatures of maximum density curve can be calculated. The spinodal line appears not to be influenced by the presence of ions at the chosen concentration, while the temperatures of maximum density curve displays both a mild shift in temperature and a shape modification with respect to bulk. Signatures of the presence of a liquid-liquid critical point are found in the aqueous solution. By analysing the water-ion radial distribution functions of the aqueous solution we observe that upon changing density, structural modifications appear close to the spinodal. For low temperatures additional modifications appear also for densities close to that corresponding to a low density configurational energy minimum.
Submitted 16 May, 2008;
originally announced May 2008.