“Web Application Protection with the WAP Tool”
in Fast Abstract at the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Atlanta, USA, Jun. 2014.
Abstract: In two decades the web became a standard framework for Internet applications. This involved changing from an initially simple hypermedia access platform to a complex blob of different technologies. This complexity associated to the increasing filtering of TCP/UDP ports everywhere in the Internet, turned web applications into favourite targets for cyber-criminals. The Web Application Protection (WAP) tool aims to secure web applications by analysing and automatically fixing their source code. WAP currently handles PHP code, in which most web applications are written. As of April 2014, WAP has been used to process more than 1.5 million lines of code. This short paper briefly presents the tool and ongoing work on evolving it.
Research line(s): Fault and Intrusion Tolerance in Open Distributed Systems (FIT)