Scrooge: Detection of Changes in Web Applications to Enhance Security Testing

Fabio Büsser; Jan Kressebuch; Martín Ochoa; Valentin Zahnd; Ariane Trammell

doi:10.5220/0013139600003899

Scrooge: Detection of Changes in Web Applications to Enhance Security Testing

Fabio Büsser, Jan Kressebuch, Martín Ochoa, Valentin Zahnd, Ariane Trammell

2025

Abstract

Due to the complexity of modern web applications, security testing is a time-consuming process that heavily relies on manual interaction with various analysis tools. This process often needs to be repeated for newer versions of previously tested applications, as new functionalities frequently introduce security vulnerabilities. This paper introduces scrooge, a tool that automates change detection in web application functionality to enhance the efficiency and focus of the security testing process. We evaluate scrooge on various platforms, demonstrating its ability to reliably detect a range of changes. Scrooge successfully identifies different types of changes, showcasing its applicability across diverse scenarios with high accuracy.

Download

Paper Citation

in Harvard Style

Büsser F., Kressebuch J., Ochoa M., Zahnd V. and Trammell A. (2025). Scrooge: Detection of Changes in Web Applications to Enhance Security Testing. In Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP; ISBN 978-989-758-735-1, SciTePress, pages 48-59. DOI: 10.5220/0013139600003899

in Bibtex Style

@conference{icissp25,
author={Fabio Büsser and Jan Kressebuch and Martín Ochoa and Valentin Zahnd and Ariane Trammell},
title={Scrooge: Detection of Changes in Web Applications to Enhance Security Testing},
booktitle={Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP},
year={2025},
pages={48-59},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013139600003899},
isbn={978-989-758-735-1},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP
TI - Scrooge: Detection of Changes in Web Applications to Enhance Security Testing
SN - 978-989-758-735-1
AU - Büsser F.
AU - Kressebuch J.
AU - Ochoa M.
AU - Zahnd V.
AU - Trammell A.
PY - 2025
SP - 48
EP - 59
DO - 10.5220/0013139600003899
PB - SciTePress