Web-based systems commonly face a unique set of vulnerabilities and security threats due to their high exposure, access by browsers, and integration with databases. In this paper ...
In an empirical study of fourteen widely used open source PHP web applications, we found that the vulnerability density of the aggregate code base decreased from 8.88 vulnerabilit...
James Walden, Maureen Doyle, Grant A. Welch, Micha...
A complex software system typically has a large number of objects in the memory, holding references to each other to implement an object model. Deciding when the objects should be...
We report on the aftermath of the discovery of a severe vulnerability in the Debian Linux version of OpenSSL. Systems affected by the bug generated predictable random numbers, mo...
Scott Yilek, Eric Rescorla, Hovav Shacham, Brandon...
Penetration testing is widely used to help ensure the security of web applications. It discovers vulnerabilities by simulating attacks from malicious users on a target application...
William G. J. Halfond, Shauvik Roy Choudhary, Ales...