Web applications support many of our daily activities, but they often have security problems, and their accessibility makes them easy to exploit. In cross-site scripting (XSS), an...
Raimund Dachselt University of Magdeburg Faculty of Computer Science User Interface & Software Engineering Group 39106 Magdeburg, Germany dachselt@acm.org Robert Buchholz Unive...
This paper evaluates pointer tainting, an incarnation of Dynamic Information Flow Tracking (DIFT), which has recently become an important technique in system security. Pointer tai...
While efficient graph-based representations have been developed for modeling combinations of low-level network attacks, relatively little attention has been paid to effective tech...
Steven Noel, Michael Jacobs, Pramod Kalapa, Sushil...
The authors describe the use of bounded model checking (BMC) for verifying Web application code. Vulnerable sections of code are patched automatically with runtime guards, allowin...
Yao-Wen Huang, Fang Yu, Christian Hang, Chung-Hung...