Sciweavers

Share
21 search results - page 2 / 5
» Precise alias analysis for static detection of web applicati...
Sort
View
COMPSAC
2007
IEEE
10 years 1 months ago
A Static Analysis Framework For Detecting SQL Injection Vulnerabilities
Recently SQL Injection Attack (SIA) has become a major threat to Web applications. Via carefully crafted user input, attackers can expose or manipulate the back-end database of a ...
Xiang Fu, Xin Lu, Boris Peltsverger, Shijun Chen, ...
ICSE
2008
IEEE-ACM
10 years 8 months ago
Static detection of cross-site scripting vulnerabilities
Web applications support many of our daily activities, but they often have security problems, and their accessibility makes them easy to exploit. In cross-site scripting (XSS), an...
Gary Wassermann, Zhendong Su
SP
2008
IEEE
112views Security Privacy» more  SP 2008»
10 years 1 months ago
Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications
Web applications are ubiquitous, perform missioncritical tasks, and handle sensitive user data. Unfortunately, web applications are often implemented by developers with limited se...
Davide Balzarotti, Marco Cova, Viktoria Felmetsger...
OOPSLA
2005
Springer
10 years 17 days ago
Finding application errors and security flaws using PQL: a program query language
A number of effective error detection tools have been built in recent years to check if a program conforms to certain design rules. An important class of design rules deals with s...
Michael C. Martin, V. Benjamin Livshits, Monica S....
SEKE
2010
Springer
9 years 5 months ago
A String Constraint Solver for Detecting Web Application Vulnerability
Given the bytecode of a software system, is it possible to automatically generate attack signatures that reveal its vulnerabilities? A natural solution would be symbolically execu...
Xiang Fu, Chung-Chih Li
books