{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,14]],"date-time":"2025-11-14T07:35:58Z","timestamp":1763105758934,"version":"3.40.3"},"publisher-location":"Cham","reference-count":39,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030648800"},{"type":"electronic","value":"9783030648817"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-64881-7_2","type":"book-chapter","created":{"date-parts":[[2020,12,2]],"date-time":"2020-12-02T00:04:16Z","timestamp":1606867456000},"page":"20-34","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Interrogating Virtual Agents: In Quest of Security Vulnerabilities"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6086-8846","authenticated-orcid":false,"given":"Josip","family":"Bozic","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0462-2283","authenticated-orcid":false,"given":"Franz","family":"Wotawa","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,12,2]]},"reference":[{"key":"2_CR1","unstructured":"Apache HttpComponents - HttpClient. https:\/\/hc.apache.org\/httpcomponents-client-ga\/. Accessed 06 Sept 2018"},{"key":"2_CR2","unstructured":"Aztekium Bot. http:\/\/aztekium.pl\/bot. Accessed 27 Aug 2020"},{"key":"2_CR3","unstructured":"Burp Suite. http:\/\/portswigger.net\/burp\/. Accessed 27 Aug 2020"},{"key":"2_CR4","unstructured":"Chatbot Report 2019: Global Trends and Analysis. https:\/\/chatbotsmagazine.com\/chatbot-report-2019-global-trends-and-analysis-a487afec05b. Accessed 05 Aug 2020"},{"key":"2_CR5","unstructured":"Content Spoofing Software Attack. https:\/\/owasp.org\/www-community\/attacks\/Content_Spoofing. Accessed 08 Aug 2020"},{"key":"2_CR6","unstructured":"DDoS attacks through XSS. https:\/\/www.incibe-cert.es\/en\/blog\/ddos-attacks-through-xss. Accessed 05 Aug 2020"},{"key":"2_CR7","unstructured":"Grammar-solver. https:\/\/github.com\/bd21\/Grammar-Solver. Accessed 13 July 2018"},{"key":"2_CR8","unstructured":"HTML Tutorial. https:\/\/www.w3schools.com\/html\/. Accessed 13 July 2018"},{"key":"2_CR9","unstructured":"Jeeney AI. http:\/\/www.jeeney.com. Accessed 27 Aug 2020"},{"key":"2_CR10","unstructured":"OWASP Top Ten Web Application Security Risks. https:\/\/www.owasp.org\/index.php\/Category:OWASP_Top_Ten_Project. Accessed 10 Aug 2020"},{"key":"2_CR11","unstructured":"OWASP ZAP Zed Attack Proxy. https:\/\/owasp.org\/www-project-zap\/. Accessed 27 Aug 2020"},{"key":"2_CR12","unstructured":"Selenium. https:\/\/www.selenium.dev. Accessed 10 Aug 2020"},{"key":"2_CR13","unstructured":"Top 12 Chatbots Trends and Statistics to Follow in 2020. https:\/\/aalavai.com\/post\/top-12-chatbots-trends-and-statistics-to-follow-in-2020. Accessed 05 Aug 2020"},{"key":"2_CR14","unstructured":"XSS Filter Bypass List. https:\/\/gist.github.com\/rvrsh3ll\/09a8b933291f9f98e8ec. Accessed 11 Aug 2020"},{"key":"2_CR15","unstructured":"XSS Filter Evasion Cheat Sheet. https:\/\/www.owasp.org\/index.php\/XSS_Filter_Evasion_Cheat_Sheet. Accessed 13 July 2018"},{"key":"2_CR16","unstructured":"Altinok, D.: An ontology-based dialogue management system for banking and finance dialogue systems. In: Proceedings of the the First Financial Narrative Processing Workshop (FNP 2018)@LREC\u201918 (2018)"},{"key":"2_CR17","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"204","DOI":"10.1007\/978-3-030-02053-8_32","volume-title":"Human Systems Engineering and Design","author":"A Beriault-Poirier","year":"2019","unstructured":"Beriault-Poirier, A., Prom Tep, S., S\u00e9n\u00e9cal, S.: Putting chatbots to the test: does the user experience score higher with chatbots than websites? In: Ahram, T., Karwowski, W., Taiar, R. (eds.) IHSED 2018. AISC, vol. 876, pp. 204\u2013212. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-02053-8_32"},{"key":"2_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-319-99927-2_3","volume-title":"Testing Software and Systems","author":"J Bozic","year":"2018","unstructured":"Bozic, J., Wotawa, F.: Security testing for chatbots. In: Medina-Bulo, I., Merayo, M.G., Hierons, R. (eds.) ICTSS 2018. LNCS, vol. 11146, pp. 33\u201338. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-99927-2_3"},{"issue":"1","key":"2_CR19","doi-asserted-by":"publisher","first-page":"307","DOI":"10.1007\/s11219-019-09469-y","volume":"28","author":"J Bozic","year":"2020","unstructured":"Bozic, J., Wotawa, F.: Planning-based security testing of web applications with attack grammars. Softw. Qual. J. 28(1), 307\u2013334 (2020). https:\/\/doi.org\/10.1007\/s11219-019-09469-y","journal-title":"Softw. Qual. J."},{"key":"2_CR20","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1007\/978-3-030-58793-2_34","volume-title":"Quality of Information and Communications Technology","author":"S Bravo-Santos","year":"2020","unstructured":"Bravo-Santos, S., Guerra, E., de Lara, J.: Testing chatbots with Charm. In: Shepperd, M., Brito e Abreu, F., Rodrigues da Silva, A., P\u00e9rez-Castillo, R. (eds.) QUATIC 2020. CCIS, vol. 1266, pp. 426\u2013438. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-58793-2_34"},{"issue":"1","key":"2_CR21","doi-asserted-by":"publisher","first-page":"1925","DOI":"10.1007\/s10586-018-2334-5","volume":"22","author":"K Chung","year":"2018","unstructured":"Chung, K., Park, R.C.: Chatbot-based heathcare service with a knowledge base for cloud computing. Clust. Comput. 22(1), 1925\u20131937 (2018). https:\/\/doi.org\/10.1007\/s10586-018-2334-5","journal-title":"Clust. Comput."},{"key":"2_CR22","doi-asserted-by":"crossref","unstructured":"Doherty, D., Curran, K.: Chatbots for online banking services. In: Web Intelligence, vol. 17, Issue 4 (2019)","DOI":"10.3233\/WEB-190422"},{"key":"2_CR23","unstructured":"Duchene, F., Rawat, S., Richier, J.L., Groz, R.: KameleonFuzz : the day Darwin drove my XSS Fuzzer! In: Proceedings of the 1st European workshop on Web Application Security Research (WASR 2013) (2013)"},{"issue":"2","key":"2_CR24","doi-asserted-by":"publisher","first-page":"119","DOI":"10.1002\/stvr.1580","volume":"26","author":"M Felderer","year":"2016","unstructured":"Felderer, M., Zech, P., Breu, R., B\u00fcchler, M., Pretschner, A.: Model-based security testing: a taxonomy and systematic classification. Softw. Test. Verif. Reliab. 26(2), 119\u2013148 (2016)","journal-title":"Softw. Test. Verif. Reliab."},{"issue":"4","key":"2_CR25","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1145\/3085558","volume":"24","author":"A F\u00f8lstad","year":"2017","unstructured":"F\u00f8lstad, A., Brandtz\u00e6g, P.B.: Chatbots and the new world of HCI. ACM Interact. 24(4), 38\u201342 (2017)","journal-title":"ACM Interact."},{"key":"2_CR26","unstructured":"Gabarron, E., Larbi, D., Denecke, K., \u00c5rsand, E.: What do we know about the use of chatbots for public health? In: Studies in Health Technology and Informatics (2020)"},{"key":"2_CR27","doi-asserted-by":"crossref","unstructured":"Heiderich, M., Schwenk, J., Frosch, T., Magazinius, J., Yang, E.Z.: mXSS Attacks: attacking well-secured web-applications by using innerHTML mutations. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security (CCS 2013) (2013)","DOI":"10.1145\/2508859.2516723"},{"key":"2_CR28","doi-asserted-by":"crossref","unstructured":"Lin, A.W., Barcel\u00f3, P.: String solving with word equations and transducers: towards a logic for analysing mutation XSS. In: Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 2016) (2016)","DOI":"10.1145\/2837614.2837641"},{"key":"2_CR29","unstructured":"Mauldin, M.L.: ChatterBots, TinyMuds and the turing test: entering the Loebner prize competition. In: AAAI 1994 Proceedings of the Twelfth National Conference on Artificial Intelligence, vol. 1, pp. 16\u201321 (1994)"},{"key":"2_CR30","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"200","DOI":"10.1007\/978-3-319-74690-6_20","volume-title":"The International Conference on Advanced Machine Learning Technologies and Applications (AMLTA2018)","author":"FA Mereani","year":"2018","unstructured":"Mereani, F.A., Howe, J.M.: Detecting cross-site scripting attacks using machine learning. In: Hassanien, A.E., Tolba, M.F., Elhoseny, M., Mostafa, M. (eds.) AMLTA 2018. AISC, vol. 723, pp. 200\u2013210. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-74690-6_20"},{"key":"2_CR31","doi-asserted-by":"crossref","unstructured":"Mohammadi, M., Chu, B., Lipford, H.R.: Detecting cross-site scripting vulnerabilities through automated unit testing. In: Proceedings of the 2017 IEEE International Conference on Software Quality, Reliability and Security (QRS 2017), pp. 364\u2013373 (2017)","DOI":"10.1109\/QRS.2017.46"},{"key":"2_CR32","doi-asserted-by":"crossref","unstructured":"Okanovi\u0107, D., Beck, S., Merz, L., Zorn, C., Merino, L., van Hoorn, A., Beck, F.: Can a chatbot support software engineers with load testing? Approach and experiences. In: Proceedings of the 11th ACM\/SPEC International Conference on Performance Engineering (ICPE 2020) (2020)","DOI":"10.1145\/3358960.3375792"},{"issue":"8","key":"2_CR33","doi-asserted-by":"publisher","first-page":"e1685","DOI":"10.1002\/stvr.1685","volume":"28","author":"M Peroli","year":"2018","unstructured":"Peroli, M., De Meo, F., Vigan\u00f2, L., Guardini, D.: MobSTer: a model-based security testing framework for web applications. Softw. Test. Verif. Reliab. 28(8), e1685 (2018)","journal-title":"Softw. Test. Verif. Reliab."},{"key":"2_CR34","doi-asserted-by":"publisher","first-page":"106960","DOI":"10.1016\/j.comnet.2019.106960","volume":"166","author":"GE Rodr\u00edguez","year":"2020","unstructured":"Rodr\u00edguez, G.E., Torres, J.G., Flores, P., Benavides, D.E.: Cross-site scripting (XSS) attacks and mitigation: a survey. Comput. Netw. 166, 106960 (2020)","journal-title":"Comput. Netw."},{"key":"2_CR35","unstructured":"Ruane, E., Faure, T., Smith, R., Bean, D., Carson-Berndsen, J., Ventresque, A.: BoTest: a framework to test the quality of conversational agents using divergent input examples. In: Proceedings of the 23rd International Conference on Intelligent User Interfaces Companion (IUI 2018 Companion) (2018)"},{"key":"2_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"70","DOI":"10.1007\/978-3-319-47443-4_5","volume-title":"Testing Software and Systems","author":"DE Simos","year":"2016","unstructured":"Simos, D.E., Kleine, K., Ghandehari, L.S.G., Garn, B., Lei, Yu.: A combinatorial approach to analyzing cross-site scripting (XSS) vulnerabilities in web application security testing. In: Wotawa, F., Nica, M., Kushik, N. (eds.) ICTSS 2016. LNCS, vol. 9976, pp. 70\u201385. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-47443-4_5"},{"key":"2_CR37","doi-asserted-by":"crossref","unstructured":"Sudhodanan, A., Armando, A., Carbone, R., Compagna, L.: Attack patterns for black-box security testing of multi-party web applications. In: Proceedings of the 23rd Network and Distributed System Security Symposium (NDSS 2016) (2016)","DOI":"10.14722\/ndss.2016.23286"},{"key":"2_CR38","doi-asserted-by":"crossref","unstructured":"Vasconcelos, M., Candello, H., Pinhanez, C., dos Santos, T.: Bottester: testing conversational systems with simulated users. In: IHC 2017: Proceedings of the XVI Brazilian Symposium on Human Factors in Computing Systems (2017)","DOI":"10.1145\/3160504.3160584"},{"issue":"1","key":"2_CR39","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1145\/365153.365168","volume":"9","author":"J Weizenbaum","year":"1966","unstructured":"Weizenbaum, J.: ELIZA-a computer program for the study of natural language communication between man and machine. Commun. ACM 9(1), 36\u201345 (1966)","journal-title":"Commun. ACM"}],"container-title":["Lecture Notes in Computer Science","Testing Software and Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-64881-7_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T00:17:25Z","timestamp":1733098645000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-64881-7_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030648800","9783030648817"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-64881-7_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"2 December 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICTSS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Testing Software and Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Naples","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 December 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 December 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"32","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"pts2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/home.ing.unisannio.it\/ictss2020\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"43","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"17","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"40% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.85","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to the COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}