New Frontiers of Reverse Engineering
FOSE '07 2007 Future of Software Engineering
Applying static analysis for automated extraction of database interactions in web applications
Information and Software Technology
Information and Software Technology
Recovering role-based access control security models from dynamic web applications
ICWE'12 Proceedings of the 12th international conference on Web Engineering
Extracting EFSMs of web applications for formal requirements specification
SAFECOMP'12 Proceedings of the 31st international conference on Computer Safety, Reliability, and Security
Understanding Ajax applications by connecting client and server-side execution traces
Empirical Software Engineering
Automated exploration and analysis of ajax web applications with WebMole
Proceedings of the 22nd international conference on World Wide Web companion
Hi-index | 0.00 |
The relevance and pervasiveness of web applications asa vital part of modern enterprise systems has significantlyincreased in recent years. However, the lack of adequatedocumentation promotes the need for reverse engineeringtools aiming at supporting web application maintenanceand evolution tasks.A non trivial web application is a complex artifact integratingtechnologies such as scripting languages, middleware,web services, data warehouses and databases. Thetask to recover abstractions requires the adoption of dynamicanalyses to complement the information gatheredwith static analyses.This paper presents an approach and a tool, namedWANDA, that instruments web applications and combinesstatic and dynamic information to recover the as-is architectureand, in general, the UML documentation of the applicationitself. To this aim we propose an extension of theConallen UML diagrams to account for detailed dynamicinformation. The tool has been implemented and tested onseveral web applications. Its architecture has been conceivedto allow easy customization and extension. The paperpresents our tool in the context of a program understandingtask; however, it can be usefully applied to manyother tasks such as profiling, security and dependability verificationand application restructuring.