X Li, Y Xue - ACM Computing Surveys (CSUR), 2014 - dl.acm.org
Web applications are one of the most prevalent platforms for information and service delivery over the Internet today. As they are increasingly used for critical services, web …
Y Zheng, X Zhang, V Ganesh - Proceedings of the 2013 9th Joint …, 2013 - dl.acm.org
Analyzing web applications requires reasoning about strings and non-strings cohesively. Existing string solvers either ignore non-string program behavior or support limited set of …
Web applications are a frequent target of successful attacks. In most web frameworks, the damage is amplified by the fact that application code is responsible for security enforcement …
JavaScript-based malware attacks have increased in recent years and currently represent a signicant threat to the use of desktop computers, smartphones, and tablets. While static and …
Motivated by the vulnerability analysis of web programs which work on string inputs, we present S3, a new symbolic string solver. Our solver employs a new algorithm for a …
D Kar, S Panigrahi, S Sundararajan - Computers & Security, 2016 - Elsevier
SQL injection attacks have been predominant on web databases since the last 15 years. Exploiting input validation flaws, attackers inject SQL code through the front-end of websites …
B Zhang, J Li, J Ren, G Huang - ACM Computing Surveys (CSUR), 2021 - dl.acm.org
Most existing surveys and reviews on web application vulnerability detection (WAVD) approaches focus on comparing and summarizing the approaches' technical details …
Due to their high practical impact, Cross-Site Scripting (XSS) attacks have attracted a lot of attention from the security community members. In the same way, a plethora of more or less …
Modern multi-tier web applications are composed of several dynamic features, which make their vulnerability analysis challenging from a purely static analysis perspective. We …