Sciweavers

Share
21 search results - page 3 / 5
» Precise alias analysis for static detection of web applicati...
Sort
View
CCS
2011
ACM
8 years 8 months ago
Fear the EAR: discovering and mitigating execution after redirect vulnerabilities
The complexity of modern web applications makes it difficult for developers to fully understand the security implications of their code. Attackers exploit the resulting security v...
Adam Doupé, Bryce Boe, Christopher Kruegel,...
DIMVA
2006
9 years 9 months ago
Using Static Program Analysis to Aid Intrusion Detection
Abstract. The Internet, and in particular the world-wide web, have become part of the everyday life of millions of people. With the growth of the web, the demand for on-line servic...
Manuel Egele, Martin Szydlowski, Engin Kirda, Chri...
CAV
2011
Springer
253views Hardware» more  CAV 2011»
8 years 11 months ago
HAMPI: A String Solver for Testing, Analysis and Vulnerability Detection
Abstract. Many automatic testing, analysis, and verification techniques for programs can effectively be reduced to a constraint-generation phase followed by a constraint-solving ...
Vijay Ganesh, Adam Kiezun, Shay Artzi, Philip J. G...
CAV
2015
Springer
28views Hardware» more  CAV 2015»
4 years 3 months ago
Automata-Based Model Counting for String Constraints
Most common vulnerabilities in Web applications are due to string manipulation errors in input validation and sanitization code. String constraint solvers are essential components ...
Abdulbaki Aydin, Lucas Bang, Tevfik Bultan
PLDI
2009
ACM
10 years 2 months ago
TAJ: effective taint analysis of web applications
Taint analysis, a form of information-flow analysis, establishes whether values from untrusted methods and parameters may flow into security-sensitive operations. Taint analysis...
Omer Tripp, Marco Pistoia, Stephen J. Fink, Manu S...
books