Predicting common web application vulnerabilities from input validation and sanitization code patterns

Predicting common web application vulnerabilities from input validation and sanitization code patterns

Software defect prediction studies have shown that defect predictors built from static code attributes are useful and effective. On the other hand, to mitigate the threats posed by common web application vulnerabilities, many vulnerability detection approaches have been proposed. However, finding al...

Full description

Saved in:

Bibliographic Details
Main Authors:	SHAR, Lwin Khin, TAN, Hee Beng Kuan
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2012
Subjects:	Defect prediction static code attributes web application vulnerabilities input validation and sanitization empirical study Information Security Software Engineering
Online Access:	https://ink.library.smu.edu.sg/sis_research/4678 https://ink.library.smu.edu.sg/context/sis_research/article/5681/viewcontent/Predicting_Common_Web_App_Vunerabilities_2012.pdf
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Similar Items

Mining input sanitization patterns for predicting SQL injection and cross site scripting vulnerabilities
by: SHAR, Lwin Khin, et al.
Published: (2012)

Predicting SQL injection and cross site scripting vulnerabilities through mining input sanitization patterns
by: SHAR, Lwin Khin, et al.
Published: (2013)

Mining SQL injection and cross site scripting vulnerabilities using hybrid program analysis
by: SHAR, Lwin Khin, et al.
Published: (2013)

Web application vulnerability prediction using hybrid program analysis and machine learning
by: SHAR, Lwin Khin, et al.
Published: (2014)

Towards a hybrid framework for detecting input manipulation vulnerabilities
by: DING, Sun, et al.
Published: (2013)

Security slicing for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

Auditing the defense against cross site scripting in web applications
by: SHAR, Lwin Khin, et al.
Published: (2010)

JoanAudit: A tool for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

Semi-automated verification of defense against SQL injection in web applications
by: LIU, Kaiping, et al.
Published: (2012)

Security slicing for auditing XML, XPath, and SQL injection vulnerabilities
by: THOME, Julian, et al.
Published: (2015)

Defending against cross site scripting attacks
by: SHAR, Lwin Khin, et al.
Published: (2011)

Predicting common web application vulnerabilities from input validation and sanitization code patterns
by: Shar, Lwin Khin, et al.
Published: (2013)

Automated removal of cross site scripting vulnerabilities in web applications
by: SHAR, Lwin Khin, et al.
Published: (2011)

Mining input sanitization patterns for predicting SQL injection and cross site scripting vulnerabilities
by: Shar, Lwin Khin, et al.
Published: (2013)

An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving
by: THOME, Julian, et al.
Published: (2018)

Towards practical binary code similarity detection: vulnerability verification via patch semantic analysis
by: Yang, Shouguo, et al.
Published: (2024)

Incremental neural network training with an increasing input dimension
by: Guan, S.-U., et al.
Published: (2014)

On-the-fly Android static analysis with applications in vulnerability discovery
by: WU, Daoyuan
Published: (2019)

Diarrheal disease, sanitation, and culture in India
by: Mohanty, Aatishya, et al.
Published: (2023)

Search-driven string constraint solving for vulnerability detection
by: THOME, Julian, et al.
Published: (2017)

Finding real world software vulnerabilities using ChatGPT
by: Wong, Sean Chun Foh
Published: (2024)

Test and Validation of Building Energy Simulation Tools
by: ZHANG XIANGJING
Published: (2012)

Incremental learning with respect to new incoming input attributes
by: Guan, S.-U., et al.
Published: (2014)

A model for multi-criterion disaster vulnerability assessment of economic systems: Implications for Vietnam's bioethanol policy
by: Yu, Krista Danielle S., et al.
Published: (2016)

Non-ideal toilets in India: The Solution to Sanitation Woes or The Source of New Problems?
by: Aprajita Singh, et al.
Published: (2024)

The Impact of Rural Water Supply and Sanitation on Economic Growth in South Asia
by: Madadeniya, M. G. C. N.
Published: (2020)

Towards understanding Android system vulnerabilities: Techniques and insights
by: WU, Daoyuan, et al.
Published: (2019)

Narratives of Sanitation: Motivating Toilet Use in India
by: Leong Ching
Published: (2020)

Just-in-time defect prediction on JavaScript projects: A replication study
by: NI, Chao, et al.
Published: (2022)

Learning program semantics for vulnerability detection via vulnerability-specific inter-procedural slicing
by: WU, Bozhi, et al.
Published: (2023)

Mining patterns of unsatisfiable constraints to detect infeasible paths
by: DING, Sun, et al.
Published: (2015)

Changes in resistance of Salmonella Typhimurium biofilms formed under various conditions to industrial sanitizers
by: Nguyen, H.D.N., et al.
Published: (2014)

Automated removal of cross site scripting vulnerabilities in web applications
by: Shar, Lwin Khin, et al.
Published: (2013)

UCRF: static analyzing firmware to generate under-constrained seed for fuzzing SOHO router
by: Qin, Chuan, et al.
Published: (2023)

ANALYSIS ON LARGE LANGUAGE MODEL VULNERABLE CODE GENERATION AND SELF-REPAIR ABILITY
by: KIM SUNG YONG
Published: (2024)

Defeating SQL injection
by: SHAR, Lwin Khin, et al.
Published: (2012)

Out of sight, out of mind? How vulnerable dependencies affect open-source projects
by: PRANA, Gede Artha Azriadi, et al.
Published: (2021)

Formation of Salmonella Typhimurium Biofilm Under Various Growth Conditions and its Sensitivity to Industrial Sanitizers
by: NGUYEN NGOC HAI DUONG
Published: (2012)

Automatic vulnerability detection and repair
by: MA, Siqi
Published: (2018)

Predictive validity study of DLSU-MBA program entrance tests for the school years 1979-80 and 1980-81
by: Alegre, Francis R., et al.
Published: (1981)