Jove
Visualize
Contact Us
JoVE
x logofacebook logolinkedin logoyoutube logo
ABOUT JoVE
OverviewLeadershipBlogJoVE Help Center
AUTHORS
Publishing ProcessEditorial BoardScope & PoliciesPeer ReviewFAQSubmit
LIBRARIANS
TestimonialsSubscriptionsAccessResourcesLibrary Advisory BoardFAQ
RESEARCH
JoVE JournalMethods CollectionsJoVE Encyclopedia of ExperimentsArchive
EDUCATION
JoVE CoreJoVE BusinessJoVE Science EducationJoVE Lab ManualFaculty Resource CenterFaculty Site
Terms & Conditions of Use
Privacy Policy
Policies

Related Concept Videos

Leaky Scanning02:28

Leaky Scanning

5.5K
During most eukaryotic translation processes, the small 40S ribosome subunit scans an mRNA from its 5' end until it encounters the first start AUG codon. The large 60S ribosomal subunit then joins the smaller one to initiate protein synthesis. The location of the translation initiation is largely determined by the nucleotides near the start codon as there may be multiple translation initiation sites present on the mRNA.  Marilyn Kozak discovered that the sequence RCCAUGG (where R...
5.5K
Defense Mechanism Against Infection01:26

Defense Mechanism Against Infection

8.9K
Natural flora, body system defenses, and inflammation are natural barriers of the body against infectious agents regardless of previous exposure. Normal floras of the human body refer to the microbial population that colonizes the skin and mucous membranes.
In addition, many body organ systems have unique defenses against infection. The skin is an intact, multilayered surface preventing invasion by microorganisms unless impaired. Mucous membranes lining the mouth, nose, and eyelids are barriers...
8.9K

You might also read

Related Articles

Articles linked to this work by shared authors, journal, and citation graph.

Sort by
Same authorSame journal

Tools and benchmarks evolve: what is their impact on parameter tuning in SBSE experiments?

Empirical software engineering·2025
Same author

Causes and effects of fitness landscapes in system test generation: a replication study.

Automated software engineering·2025
Same author

A comprehensive study of machine learning techniques for log-based anomaly detection.

Empirical software engineering·2025
Same author

Technology adoption performance evaluation applied to testing industrial REST APIs.

Automated software engineering·2024
Same author

Tool report: EvoMaster-black and white box search-based fuzzing for REST, GraphQL and RPC APIs.

Automated software engineering·2024
Same author

Building an open-source system test generation tool: lessons learned and empirical analyses with EvoMaster.

Software quality journal·2023

Related Experiment Video

Updated: Dec 14, 2025

Author Spotlight: Innovations in iTUG Test for Enhanced Risk Assessment and Cognitive Insights
05:26

Author Spotlight: Innovations in iTUG Test for Enhanced Risk Assessment and Cognitive Insights

Published on: October 25, 2024

1.6K

Search-based multi-vulnerability testing of XML injections in web applications.

Sadeeq Jan1,2, Annibale Panichella1,3, Andrea Arcuri4

  • 1SnT, University of Luxembourg, Luxembourg, Luxembourg.

Empirical Software Engineering
|July 21, 2020
PubMed
Summary

This study introduces COMIX, a new algorithm to find multiple web service vulnerabilities simultaneously. COMIX improves upon single-target search methods, enhancing security testing efficiency.

Keywords:
Code injection vulnerabilitiesSearch-based software engineeringSecurity testing

More Related Videos

High-throughput and Comprehensive Drug Surveillance Using Multisegment Injection-Capillary Electrophoresis-Mass Spectrometry
10:17

High-throughput and Comprehensive Drug Surveillance Using Multisegment Injection-Capillary Electrophoresis-Mass Spectrometry

Published on: April 23, 2019

10.1K
The Quantification of Injectability by Mechanical Testing
04:46

The Quantification of Injectability by Mechanical Testing

Published on: May 13, 2020

8.5K

Related Experiment Videos

Last Updated: Dec 14, 2025

Author Spotlight: Innovations in iTUG Test for Enhanced Risk Assessment and Cognitive Insights
05:26

Author Spotlight: Innovations in iTUG Test for Enhanced Risk Assessment and Cognitive Insights

Published on: October 25, 2024

1.6K
High-throughput and Comprehensive Drug Surveillance Using Multisegment Injection-Capillary Electrophoresis-Mass Spectrometry
10:17

High-throughput and Comprehensive Drug Surveillance Using Multisegment Injection-Capillary Electrophoresis-Mass Spectrometry

Published on: April 23, 2019

10.1K
The Quantification of Injectability by Mechanical Testing
04:46

The Quantification of Injectability by Mechanical Testing

Published on: May 13, 2020

8.5K

Area of Science:

  • Computer Science
  • Software Engineering
  • Cybersecurity

Background:

  • Web applications frequently interact with internal web services, posing security risks.
  • Malicious user inputs via front-ends can exploit vulnerabilities in these web services.
  • Existing techniques for detecting XML Injection (XMLi) focus on single malicious messages, limiting scalability and effectiveness.

Purpose of the Study:

  • To develop a novel search-based technique for uncovering multiple web service vulnerabilities concurrently.
  • To address the ineffectiveness and scalability issues of single-target search methods in security testing.
  • To introduce a co-evolutionary algorithm (COMIX) specifically designed for multi-vulnerability discovery.

Main Methods:

  • Proposed a novel co-evolutionary algorithm named COMIX.
  • Tailored COMIX to identify multiple malicious messages and corresponding vulnerabilities.
  • Evaluated COMIX's performance against single-target search and other multi-target algorithms.

Main Results:

  • COMIX effectively uncovers multiple vulnerabilities, unlike traditional single-target approaches.
  • Experimental results demonstrate COMIX's superiority over single-target search for XML Injection (XMLi).
  • COMIX also outperforms other multi-target search algorithms originally designed for white-box unit testing.

Conclusions:

  • COMIX offers a more effective and scalable solution for web service security testing.
  • The algorithm successfully addresses the limitations of current methods in detecting multiple vulnerabilities.
  • This approach enhances the ability to identify and mitigate a wider range of security flaws in web applications.