Towards a hybrid framework for detecting input manipulation vulnerabilities

Towards a hybrid framework for detecting input manipulation vulnerabilities

Input manipulation vulnerabilities such as SQL Injection, Cross-site scripting, Buffer Overflow vulnerabilities are highly prevalent and pose critical security risks. As a result, many methods have been proposed to apply static analysis, dynamic analysis or a combination of them, to detect such secu...

Full description

Saved in:

Bibliographic Details
Main Authors:	DING, Sun, TAN, Hee Beng Kuan, SHAR, Lwin Khin, PADMANABHUNI, Bindu Madhavi
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2013
Subjects:	Vulnerability detection framework formal verification prediction data mining input validation specification verification input manipulation vulnerabilities Information Security Software Engineering
Online Access:	https://ink.library.smu.edu.sg/sis_research/4837 https://ink.library.smu.edu.sg/context/sis_research/article/5840/viewcontent/Towards_a_hybrid_framework_for_detecting_input_manipulation_2013_av.pdf
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Similar Items

Predicting SQL injection and cross site scripting vulnerabilities through mining input sanitization patterns
by: SHAR, Lwin Khin, et al.
Published: (2013)

Mining input sanitization patterns for predicting SQL injection and cross site scripting vulnerabilities
by: SHAR, Lwin Khin, et al.
Published: (2012)

Predicting common web application vulnerabilities from input validation and sanitization code patterns
by: SHAR, Lwin Khin, et al.
Published: (2012)

Mining SQL injection and cross site scripting vulnerabilities using hybrid program analysis
by: SHAR, Lwin Khin, et al.
Published: (2013)

Web application vulnerability prediction using hybrid program analysis and machine learning
by: SHAR, Lwin Khin, et al.
Published: (2014)

Towards practical binary code similarity detection: vulnerability verification via patch semantic analysis
by: Yang, Shouguo, et al.
Published: (2024)

Formalizing UML state machines for automated verification: A survey
by: ETIENE, Andre, et al.
Published: (2023)

Towards formal modeling and verification of cloud architectures: A case study on hadoop
by: Reddy, G.S., et al.
Published: (2014)

SGUARD: Towards fixing vulnerable smart contracts automatically
by: NGUYEN, Tai D., et al.
Published: (2021)

Machine-assisted proof support for validation beyond Simulink
by: Chen, C., et al.
Published: (2013)

Cell : A compositional verification framework
by: JI KUN
Published: (2013)

A model for multi-criterion disaster vulnerability assessment of economic systems: Implications for Vietnam's bioethanol policy
by: Yu, Krista Danielle S., et al.
Published: (2016)

A formal framework for modeling and validating Simulink diagrams
by: Chen, C., et al.
Published: (2013)

Model checking approach to automated planning
by: Li, Y., et al.
Published: (2014)

ENHANCING THE EFFICACY OF NEURAL NETWORK ROBUSTNESS ANALYSIS
by: ZHONG YUYI
Published: (2023)

Auditing the defense against cross site scripting in web applications
by: SHAR, Lwin Khin, et al.
Published: (2010)

Security slicing for auditing XML, XPath, and SQL injection vulnerabilities
by: THOME, Julian, et al.
Published: (2015)

Translating PDDL into CSP# - The PAT Approach
by: Li, Y., et al.
Published: (2013)

An expressive framework for verifying deadlock freedom
by: Le, D.-K., et al.
Published: (2014)

Automated removal of cross site scripting vulnerabilities in web applications
by: SHAR, Lwin Khin, et al.
Published: (2011)

Mining Branching-Time Scenarios
by: FAHLAND, Dirk, et al.
Published: (2013)

Formal analysis of pervasive computing systems
by: Liu, Y., et al.
Published: (2013)

An empirical study of blockchain system vulnerabilities: modules, types, and patterns
by: YI, Xiao, et al.
Published: (2022)

Combining Software Metrics and Text Features for Vulnerable File Prediction
by: ZHANG, Yun, et al.
Published: (2015)

A Z Approach in Validating ORA-SS Data Models
by: Lee, S.U.-J., et al.
Published: (2013)

Co-operative control of multi-input single-output processes: On-line strategy for releasing input saturation
by: Wang, Q.-G., et al.
Published: (2014)

Security slicing for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

MECHANIZED VERIFICATION OF GRAPH-MANIPULATING PROGRAMS
by: WANG SHENGYI
Published: (2020)

Validating semistructured data using OWL
by: Li, Y.F., et al.
Published: (2013)

Search-driven string constraint solving for vulnerability detection
by: THOME, Julian, et al.
Published: (2017)

From verification to specification inference
by: Chin, W.-N., et al.
Published: (2013)

Automatic vulnerability detection and repair
by: MA, Siqi
Published: (2018)

Finding real world software vulnerabilities using ChatGPT
by: Wong, Sean Chun Foh
Published: (2024)

Mining temporal rules for software maintenance
by: Lo, D., et al.
Published: (2013)

A verification system for interval-based specification languages with its application to simulink
by: CHEN CHUNQING
Published: (2010)

Machine-assisted proof support for validation beyond Simulink
by: CHEN, Chunqing, et al.
Published: (2007)

Certified policy verification and synthesis for MDPs under distributional reach-avoidance properties
by: AKSHAY, S., et al.
Published: (2024)

Model checking software architecture design
by: Zhang, J., et al.
Published: (2013)

Transformations between CSP# and C#
by: ZHU HUIQUAN
Published: (2014)

FORMAL SECURITY ANALYSIS: SECRECY, AUTHENTICATION AND ATTESTATION
by: LI LI
Published: (2015)