Securing web applications from injection and logic vulnerabilities: Approaches and challenges
Context: Web applications are trusted by billions of users for performing day-to-day activities.
Accessibility, availability and omnipresence of web applications have made them a prime …
A review of detection approaches for distributed denial of service attacks
P Kaur, M Kumar, A Bhandari - Systems Science & Control …, 2017 - Taylor & Francis
ABSTRACT Distributed Denial of Service (DDoS) attacks are the intimidation trials on the
Internet that depletes the network bandwidth or exhausts the victim's resources …
Automatic creation of SQL injection and cross-site scripting attacks
We present a technique for finding security vulnerabilities in Web applications. SQL Injection
(SQLI) and cross-site scripting (XSS) attacks are widespread forms of attack in which the …
Enemy of the state: A state-aware black-box web vulnerability scanner
Black-box web vulnerability scanners are a popular choice for finding security vulnerabilities
in web applications in an automated fashion. These tools operate in a point-and-shoot …
Toward automated detection of logic vulnerabilities in web applications
Web applications are the most common way to make services and data available on the
Internet. Unfortunately, with the increase in the number and complexity of these applications …
Detection and prevention of SQL injection attack: a survey
ZS Alwan, MF Younis - … Journal of Computer Science and Mobile …, 2017 - researchgate.net
SQL (structure query language) injection is one of threats to the applications, which are Web-
based application, Mobile application and even desktop application, which are connected to …
The use of likely invariants as feedback for fuzzers
While fuzz testing proved to be a very effective technique to find software bugs, open
challenges still exist. One of its main limitations is the fact that popular coverage-guided …
Web application protection techniques: A taxonomy
V Prokhorenko, KKR Choo, H Ashman - Journal of Network and Computer …, 2016 - Elsevier
The growing popularity of web applications makes them an attractive target for malicious
users. Large amounts of private data commonly processed and stored by web applications …
CODDLE: Code-injection detection with deep learning
S Abaimov, G Bianchi - IEEE Access, 2019 - ieeexplore.ieee.org
Code Injection attacks such as SQL Injection and Cross-Site Scripting (XSS) are among the
major threats for today's web applications and systems. This paper proposes CODDLE, a …
SQLiGoT: Detecting SQL injection attacks using graph of tokens and SVM
D Kar, S Panigrahi, S Sundararajan - Computers & Security, 2016 - Elsevier
SQL injection attacks have been predominant on web databases since the last 15 years.
Exploiting input validation flaws, attackers inject SQL code through the front-end of websites …