Mathematical models of the technology for testing dom xss vulnerability and sql injections vulnerability

The analysis of various types of statistical materials from known organizations has shown that cross-site scripting – XSS (Cross Site Scripting) is one of the most dangerous types of attacks (vulnerabilities). However, in order to identify these threats and the possible consequences of their spread in the process of safe management of IT projects and to propose the best ways to solve this problem, there is a need for mathematical formalization of the process of their initialization and dissemination. In a number of papers, attempts have been made to mathematically formalize the process of finding and eliminating vulnerabilities of this kind. However, the presented models do not take into account the latest trends in XSS vulnerability, namely the difference between their types ("stored XSS", "reflected XSS" and DOM Based XSS) and the need for their detection. The aim of the work is to develop mathematical models of the technology for testing DOM XSS vulnerability and SQL injections vulnerability. Mathematical models for testing DOM XSS complex of vulnerabilities and the technology for testing to SQL injections vulnerability have been developed. GERT-network synthesis approach is the basis of mathematical modeling. Mathematical model for testing DOM XSS complex of vulnerabilities differs from the known ones by taking into account the specifics of complex analysis of various types of XSS vulnerabilities (stored XSS, reflected XSS and DOM Based XSS) and separate inclusion of DOM Based XSS automatic audit procedures in the algorithm. This makes possible to conduct an analytical assessment of the time spent while testing these vulnerabilities in the context of implementing a strategy for developing safe software. Mathematical model for testing the technology of SQL injections vulnerability differs from the known ones by an improved method for determining the distance between injection results. The use of Jaro–Winkler criterion in the proposed method to compare the results of injecting SQL code and the introduction of a threshold value will increase the accuracy of the results of software security testing