The World Wide Web, initially intended as a way to publish static hypertexts on the Internet, is moving toward complex applications. Static Web sites are gradually being replaced by dynamic sites, where information is stored in databases and nontrivial computation is performed. Reverse engineering of a model from an existing Web application is useful for its understanding and evolution. However, static analysis of its source code may be extremely difficult (and, in general, infeasible) because of the presence of dynamic generation of the HTML code that is part of the application under analysis. Moreover, static analysis requires the ability to process multiple languages. In this paper, a dynamic analysis technique is proposed for the extraction of a Web application model through its execution. The HTML code produced during execution on proper input values is subject to static analysis. Availability of statistical data about accesses to the pages produced by the Web application is exploited for statistical testing and analysis of the navigation habits of users. Anomalous behaviors can be detected and indicated for an improvement intervention
Dynamic Model Extraction and Statistical Analysis of Web Applications
RICCA, FILIPPO
2002-01-01
Abstract
The World Wide Web, initially intended as a way to publish static hypertexts on the Internet, is moving toward complex applications. Static Web sites are gradually being replaced by dynamic sites, where information is stored in databases and nontrivial computation is performed. Reverse engineering of a model from an existing Web application is useful for its understanding and evolution. However, static analysis of its source code may be extremely difficult (and, in general, infeasible) because of the presence of dynamic generation of the HTML code that is part of the application under analysis. Moreover, static analysis requires the ability to process multiple languages. In this paper, a dynamic analysis technique is proposed for the extraction of a Web application model through its execution. The HTML code produced during execution on proper input values is subject to static analysis. Availability of statistical data about accesses to the pages produced by the Web application is exploited for statistical testing and analysis of the navigation habits of users. Anomalous behaviors can be detected and indicated for an improvement intervention
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
