{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,6]],"date-time":"2025-11-06T19:59:16Z","timestamp":1762459156939},"reference-count":16,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2014,1,23]],"date-time":"2014-01-23T00:00:00Z","timestamp":1390435200000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/2.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["J Braz Comput Soc"],"published-print":{"date-parts":[[2014,12]]},"DOI":"10.1186\/1678-4804-20-4","type":"journal-article","created":{"date-parts":[[2014,1,23]],"date-time":"2014-01-23T17:04:57Z","timestamp":1390496697000},"source":"Crossref","is-referenced-by-count":19,"title":["An automated black box approach for web vulnerability identification and attack scenario generation"],"prefix":"10.1186","volume":"20","author":[{"given":"Rim","family":"Akrout","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eric","family":"Alata","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mohamed","family":"Kaaniche","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vincent","family":"Nicomette","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2014,1,23]]},"reference":[{"key":"4_CR1","volume-title":"Mid-year Trend and Risk Report, September 2012","author":"IBM X-Force","year":"2012","unstructured":"IBM X-Force: Mid-year Trend and Risk Report, September 2012. 2012.\n                    http:\/\/www-01.ibm.com\/common\/ssi\/cgi-bin\/ssialias?infotype=SA&subtype=WH&htmlfid=WGL03014USEN"},{"key":"4_CR2","first-page":"9","volume-title":"LADC-2013: Latin-American Symposium on Dependable Computing","author":"E Alata","year":"2013","unstructured":"Alata E, Kaaniche M, Nicomette V, Akrout R: An automated vulnerability-based approach for web applications attack scenarios generation. In LADC-2013: Latin-American Symposium on Dependable Computing. Rio De Janeiro, 02\u201305 April 2013; 2013:9\u20139."},{"key":"4_CR3","first-page":"10","volume-title":"IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2011)","author":"A Dessiatnikoff","year":"2011","unstructured":"Dessiatnikoff A, Akrout R, Alata E, Kaaniche M, Nicomette V: A clustering approach for web vulnerabilities detection. In IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2011). Pasadena, 12\u201314 December 2011; 2011:10\u201310."},{"key":"4_CR4","volume-title":"Proc. of the 15th Int. conf. on World Wide Web (WWW \u201906)","author":"K Stefan","year":"2006","unstructured":"Stefan K, Kirda E, Kruegel C, Jovanovic N: SecuBat: a Web vulnerability scanner. In Proc. of the 15th Int. conf. on World Wide Web (WWW \u201906). Edinburgh, 23\u201326 May 2006; 2006."},{"key":"4_CR5","volume-title":"Proc. 12th Int. Conf. on World Wide Web (WWW\u201903)","author":"YW Huang","year":"2003","unstructured":"Huang YW, Huang SK, Lin TP, Tsai CH: Web application security assessment by fault injection and behavioral monitoring. In Proc. 12th Int. Conf. on World Wide Web (WWW\u201903). Budapest, 20\u201324 May 2003; 2003."},{"key":"4_CR6","first-page":"330","volume-title":"Proc. 2007 IEEE Symposium Pacific Rim Dependable Computing (PRDC 2007)","author":"J Fonseca","year":"2007","unstructured":"Fonseca J, Vieira M, Madeira H: Testing and Comparing Web vulnerability scanning tools for SQL injections and XSS attacks. In Proc. 2007 IEEE Symposium Pacific Rim Dependable Computing (PRDC 2007). Melbourne, 17\u201319 December 2007; 2007:330\u2013337."},{"key":"4_CR7","volume-title":"Proc. 2010 IEEE Symposium on Security and Privacy","author":"J Bau","year":"2010","unstructured":"Bau J, Bursztein E, Gupta D, Mitchell J: State of the art: Automated black-box Web application vulnerability testing. In Proc. 2010 IEEE Symposium on Security and Privacy. Oakland, 16\u201319 May 2010; 2010."},{"key":"4_CR8","volume-title":"Proc. DIMVA 2010","author":"A Doup\u00e9","year":"2010","unstructured":"Doup\u00e9 A, Cova M, Vigna G: Why Johnny can\u2019t pentest: An analysis of black-box Web vulnerability scanners. In Proc. DIMVA 2010. Bonn, 8\u20139 July 2010; 2010."},{"key":"4_CR9","volume-title":"Web Applications Vulnerability Analysis and Intrusion Detection Systems Assessment. PhD Thesis, University of Toulouse, October 2012 (in French)","author":"R Akrout","year":"2010","unstructured":"Akrout R: Web Applications Vulnerability Analysis and Intrusion Detection Systems Assessment. PhD Thesis, University of Toulouse, October 2012 (in French). 2010.\n                    http:\/\/homepages.laas.fr\/rakrout\/PhD_Thesis.pdf"},{"key":"4_CR10","volume-title":"Leveinshtein distance","author":"V Levenshtein","year":"1965","unstructured":"Levenshtein V: Leveinshtein distance. 1965. . Accessed on 22 February 10 \n                    http:\/\/en.wikipedia.org\/wiki\/Levenshtein_distance\n                    \n                   . Accessed on 22 February 10"},{"key":"4_CR11","doi-asserted-by":"publisher","first-page":"241","DOI":"10.1007\/BF02289588","volume":"2","author":"SC Johnson","year":"1967","unstructured":"Johnson SC: Hierarchical clustering schemes. Psychometrika J 1967, 2: 241\u2013254.","journal-title":"Psychometrika J"},{"key":"4_CR12","volume-title":"Software Engineering, 2009. ICSE 2009","author":"A Kiezun","year":"2009","unstructured":"Kiezun A, Guo PJ, Jayaraman K, Ernst MD: Automatic creation of SQL Injection and cross-site scripting attacks. In Software Engineering, 2009. ICSE 2009. IEEE 31st International Conference on Vancouver, 29\u201331 August 2009; 2009."},{"key":"4_CR13","volume-title":"Hack.Lu \u201908","author":"E Gutesman","year":"2008","unstructured":"Gutesman E: gFuzz: An instrumented web application fuzzing environment. In Hack.Lu \u201908. Luxembourg, 22\u201324 October 2008; 2008."},{"key":"4_CR14","doi-asserted-by":"publisher","first-page":"236","DOI":"10.1007\/3-540-58473-0_152","volume-title":"Proc. of the 2nd Intl. Colloquium on Grammatical Inference and Applications (ICGI \u201994)","author":"P Dupont","year":"1994","unstructured":"Dupont P: Regular grammatical inference from positive and negative samples by genetic search: the GIG method. In Proc. of the 2nd Intl. Colloquium on Grammatical Inference and Applications (ICGI \u201994). Alicante, 21\u201323 September 1994; 1994:236\u2013245."},{"key":"4_CR15","first-page":"222","volume-title":"Proc. of the Fourth Intl. Colloquium on Grammatical Inference and Applications (ICGI \u201996)","author":"P Dupont","year":"1996","unstructured":"Dupont P: Incremental regular inference. In Proc. of the Fourth Intl. Colloquium on Grammatical Inference and Applications (ICGI \u201996). Montpellier, 25\u201327 September 1996; 1996:222\u2013237."},{"key":"4_CR16","unstructured":". Accessed 09 December 2010 \n                    http:\/\/anantasec.blogspot.com\/"}],"container-title":["Journal of the Brazilian Computer Society"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/1678-4804-20-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1186\/1678-4804-20-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/1678-4804-20-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,8,13]],"date-time":"2024-08-13T10:45:46Z","timestamp":1723545946000},"score":1,"resource":{"primary":{"URL":"https:\/\/journal-bcs.springeropen.com\/articles\/10.1186\/1678-4804-20-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,1,23]]},"references-count":16,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2014,12]]}},"alternative-id":["4"],"URL":"https:\/\/doi.org\/10.1186\/1678-4804-20-4","relation":{},"ISSN":["0104-6500","1678-4804"],"issn-type":[{"type":"print","value":"0104-6500"},{"type":"electronic","value":"1678-4804"}],"subject":[],"published":{"date-parts":[[2014,1,23]]},"article-number":"4"}}