Browse wiki

From Navigators

Jump to: navigation, search
Publication:RicardoMorgado Tese
Abstract Currently, web applications are the most c Currently, web applications are the most common way to access companies’ services and resources. However, since their appearance, they are known to contain vulnerabilities in their source code. These vulnerabilities, when exploited, can cause serious damage to organizations, such as the theft of millions of user credentials and access to confidential data. For this reason, accessing critical services, such as health care and financial services, with safe web applications is crucial to its well-functioning. Often, vulnerabilities are left in the source code unintentionally by programmers because they do not have the necessary knowledge about how to write secure code. On the other hand, programmers that use secure functions from the programming language in their applications, employing thus secure code, believe that their applications are protected. However, some of those functions do not invalidate all attacks, leaving applications vulnerable. This dissertation has two main objectives: to study the diverse types of web application vulnerabilities, namely different attacks that exploit them, and different forms to build secure code for invalidating such attacks, and to develop a tool capable of protecting PHP web applications by inserting small corrections in their source code. The proposed solution was evaluated with both artificial and real code and the results showed that it can insert safe corrections while maintaining the original behavior of the web applications in the vast majority of the cases, which is very encouraging. y of the cases, which is very encouraging.
Advisor Ibéria Medeiros + , Nuno Ferreira Neves +
Author Ricardo Morgado +
Key RicardoMorgado Tese  +
Month sep  +
NumPubDate 2,019.09  +
Project Project:SEAL +
ResearchLine Fault and Intrusion Tolerance in Open Distributed Systems (FIT) +
School Mestrado em Informática, Departamento de Informática, Faculdade de Ciências da Universidade de Lisboa  +
Title Invalidating web applications attacks by employing the right secure code  +
Type mastersthesis  +
Year 2019  +
Has improper value forThis property is a special property in this wiki. Url  +
Categories Publication  +
Modification dateThis property is a special property in this wiki. 18 September 2019 00:03:32  +
hide properties that link here 
  No properties link to this page.


Enter the name of the page to start browsing from.
Personal tools
Navigators toolbox