The World Wide Web, initially intended as a way to publish static hypertexts on the Internet, is moving toward complex applications. Static Web sites are being gradually replaced by dynamic sites, where information is stored in databases and non trivial computation is performed. Reverse engineering of a model from an existing Web application is useful for its understanding and evolution. However, a static analysis of its source code may be extremely difficult (and, in general, infeasible) because of the presence of dynamic generation of the HTML code that is part of the application under analysis. Moreover, static analysis requires the ability to process multiple languages. In this paper, a dynamic analysis technique is proposed for the extraction of a Web application model through its execution. The HTML code produced during execution on proper input values is subject to a static analysis. Availability of statistical data about the accesses to the pages produced by the Web application is exploited for statistical testing and for the analysis of the navigation habits of the users. Anomalous behaviors can be detected and indicated for an improvement intervention
Dynamic Model Extraction and Statistical Analysis of Web Applications
Tonella, Paolo;Ricca, Filippo
2002-01-01
Abstract
The World Wide Web, initially intended as a way to publish static hypertexts on the Internet, is moving toward complex applications. Static Web sites are being gradually replaced by dynamic sites, where information is stored in databases and non trivial computation is performed. Reverse engineering of a model from an existing Web application is useful for its understanding and evolution. However, a static analysis of its source code may be extremely difficult (and, in general, infeasible) because of the presence of dynamic generation of the HTML code that is part of the application under analysis. Moreover, static analysis requires the ability to process multiple languages. In this paper, a dynamic analysis technique is proposed for the extraction of a Web application model through its execution. The HTML code produced during execution on proper input values is subject to a static analysis. Availability of statistical data about the accesses to the pages produced by the Web application is exploited for statistical testing and for the analysis of the navigation habits of the users. Anomalous behaviors can be detected and indicated for an improvement interventionI documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
