Browse wiki

From Navigators

Jump to: navigation, search
Publication:ENASE2020 PHPCorrector
Abstract Web applications are commonly used to prov Web applications are commonly used to provide access to the services and resources offered bycompanies. However, they are known to contain vulnerabilities in their source code, which, whenexploited, can cause serious damage to organizations, such as the theft of millions of user creden-tials. For this reason, it is crucial to protect critical services, such as health care and financialservices, with safe web applications. Often, vulnerabilities are left in the source code uninten-tionally by programmers because they have insufficient knowledge on how to write secure code.For example, developers many times employ sanitization functions of the programming language,believing that they will defend their applications. However, some of those functions do not invali-date all attacks, leaving applications still vulnerable. This paper presents an approach and a toolcapable of automatically correcting web applications from relevant classes of vulnerabilities (XSSand SQL Injection). The tool was evaluated with both benchmark test cases and real code, andthe results are very encouraging. They show that the tool can insert safe and right correctionswhile maintaining the original behavior of the web applications in the vast majority of the case lications in the vast majority of the case
Author Ricardo Morgado + , Ibéria Medeiros + , Nuno Ferreira Neves +
Booktitle In Proceedings of the International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE)  +
Key ENASE2020 PHPCorrector  +
Month may  +
NumPubDate 2,020.05  +
Project Project:SEAL +
ResearchLine Fault and Intrusion Tolerance in Open Distributed Systems (FIT) +
Title Towards Web Application Security by Automated Code Correction  +
Type inproceedings  +
Year 2020  +
Has improper value forThis property is a special property in this wiki. Url  +
Categories Publication  +
Modification dateThis property is a special property in this wiki. 2 August 2020 16:20:11  +
hide properties that link here 
  No properties link to this page.


Enter the name of the page to start browsing from.
Personal tools
Navigators toolbox