Assistant Professor, Information Systems
Sreedevi Sampath is an Assistant Professor in the Information Systems Department at UMBC. She is a member of UMBC’s Empirical and Applied Software Engineering Lab (EASEL).
Sampath’s research interests are in the areas of software testing, testing web applications, regression testing, test case prioritization, test case generation, and software maintenance. She collaborates through the Automated Combinatorial Testing for Software (ACTS) group at NIST. Sampath recently received a research grant from NIST to support her work entitled “Combinatorial-based Techniques for Web Application Test Selection.”
She holds a Ph.D. in Computer and Information Sciences from the University of Delaware.
Research Projects
- Detecting web application vulnerabilities
Web application vulnerabilities are a serious concern for companies and consumers. The large number of technologies that are involved in a web application, such as Flash, HTML, Javascript, PHP, Ajax etc. suggest that the vulnerability can be in any language and any technology. Further, the underlying software, such as web servers and browsers are also open to vulnerabilities that can be exploited. The most common exploits that plague web applications are SQL Injection, Cross Site Scripting (XSS) and man-in-the-middle attacks. In our work, we leverage user sessions which are sequences of user requests made to the web application for security testing. The objective of the project is to determine the robustness and security of a web application by using random re-combination techniques to create new user sessions with invalid data values and studying how the web system handles non-standard data.
Contact
Office: ITE 451
Phone: 410-455-8845
E-mail: sampath@umbc.edu