This paper is intended to be a summary of the ideas provided by Yichen Xie & Alex Aiken [1]. Their results will be compared to the conclusions of Nenad Jovanovic, Christopher Kruegel & Engin Kirda in [2]. Both author teams seek to reduce security vulnerabilities in PHP applications through static analysis techniques with two different approaches, each having its own advantages and drawbacks. Nenad Jovanovic, Christopher Kruegel & Engin Kirda try to find XSS vulnerabilities using taint checking, whereas Yichen Xie & Alex Aiken focus on SQL injection attacks using a custom three-tier architecture that could be best described as reverse taint checking, since their approach consists of analysing the control flow of the applic...
International audience. Web applications use authentication mechanisms to provide user-friendly conten...
Modern websites have evolved into interactive applications that, every day, ... confidential user...
Master's thesis, Informatics Engineering, 2023, Universidade de Lisboa, Faculdade de Ciências. The sec...
The importance of Web applications has increased continually in recent years. As more and more servi...
With the widespread adoption of dynamic web applications in recent years, a number of threats to the...
Dynamic languages, such as PHP and JavaScript, are widespread and heavily used. They provide dynami...
Abstract—The World Wide Web grew rapidly during the last decades and is used by millions of people e...
Increasingly, web applications handle sensitive data and interface with critical back-end components...
The number and the importance of Web applications have increased rapidly over the last years. At the...
Software vulnerabilities are security threats that exist in an application and may enable users to e...
We present a novel method for static analysis in which we combine data-flow analysis with machine le...
Static code analysis is a class of techniques for inspecting the source code of a computer program w...
Dynamic languages, such as PHP and JavaScript, are widespread and heavily used. They provide dynamic...
Master's thesis, Informatics Engineering (Architecture, Systems and Computer Networks) Universidad...
With the increase of global accessibility of web applications, maintaining a reasonable security lev...