Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
MIDDLEWARE
2007
Springer
2007
Springer
Dynamic multi-process information flow tracking for web application security
Although there is a large body of research on detection and prevention of such memory corruption attacks as buffer overflow, integer overflow, and format string attacks, the web application security problem receives relatively less attention from the research community by comparison. The majority of web application security problems originate from the fact that web applications fail to perform sanity checks on inputs from the network that are eventually used as operands of securitysensitive operations. Therefore, a promising approach to this problem is to apply proper checks on tainted portions of the operands used in security-sensitive operations, where a byte is tainted if it is data/control dependent on some network packet(s). This paper presents the design, implementation and evaluation of a dynamic checking compiler called WASC, which automatically adds checks into web applications used in three-tier internet services to protect them from the most common two types of web applic...
Real-time TrafficRelated Content
| Added | 08 Jun 2010 |
| Updated | 08 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | MIDDLEWARE |
| Authors | Susanta Nanda, Lap-Chung Lam, Tzi-cker Chiueh |
Comments (0)
Researcher Info
|
