FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2997473338> ?p ?o ?g. }

• W2997473338 endingPage "41" @default.
• W2997473338 startingPage "32" @default.
• W2997473338 abstract "Web applications are popular targets of security attacks. One common type of such attacks is SQL injection, where an attacker exploits faulty application code to execute maliciously crafted database queries. Bothstatic and dynamic approaches have been proposed to detect or prevent SQL injections; while dynamic approaches provide protection for deployed software, static approaches can detect potential vulnerabilities before software deployment. Previous static approaches are mostly based on tainted information flow tracking and have at least some of the following limitations: (1) they do not model the precise semantics of input sanitization routines; (2) they require manually written specifications, either for each query or for bug patterns; or (3) they are not fully automated and may require user intervention at various points in the analysis. In this paper, we address these limitations by proposing a precise, sound , and fully automated analysis technique for SQL injection. Our technique avoids the need for specifications by consideringas attacks those queries for which user input changes the intended syntactic structure of the generated query. It checks conformance to this policy byconservatively characterizing the values a string variable may assume with a context free grammar, tracking the nonterminals that represent user-modifiable data, and modeling string operations precisely as language transducers. We have implemented the proposed technique for PHP, the most widely-used web scripting language. Our tool successfully discovered previously unknown and sometimes subtle vulnerabilities in real-world programs, has a low false positive rate, and scales to large programs (with approx. 100K loc)." @default.
• W2997473338 created "2020-01-10" @default.
• W2997473338 creator A5061282325 @default.
• W2997473338 creator A5077610917 @default.
• W2997473338 date "2007-06-10" @default.
• W2997473338 modified "2023-09-23" @default.
• W2997473338 title "Sound and precise analysis of web applications for injection vulnerabilities" @default.
• W2997473338 cites W1503669439 @default.
• W2997473338 cites W1511560695 @default.
• W2997473338 cites W1563770249 @default.
• W2997473338 cites W1598083179 @default.
• W2997473338 cites W1648477960 @default.
• W2997473338 cites W1809751277 @default.
• W2997473338 cites W1983142587 @default.
• W2997473338 cites W1989058323 @default.
• W2997473338 cites W1998765795 @default.
• W2997473338 cites W2001693166 @default.
• W2997473338 cites W2008857097 @default.
• W2997473338 cites W2085925880 @default.
• W2997473338 cites W2100000146 @default.
• W2997473338 cites W2101699859 @default.
• W2997473338 cites W2107604680 @default.
• W2997473338 cites W2134429122 @default.
• W2997473338 cites W2144696387 @default.
• W2997473338 cites W2147478478 @default.
• W2997473338 cites W2148001343 @default.
• W2997473338 cites W2156268601 @default.
• W2997473338 cites W2158047578 @default.
• W2997473338 cites W2158600037 @default.
• W2997473338 cites W2170830071 @default.
• W2997473338 cites W4376522561 @default.
• W2997473338 cites W2122472280 @default.
• W2997473338 doi "https://doi.org/10.1145/1273442.1250739" @default.
• W2997473338 hasPublicationYear "2007" @default.
• W2997473338 type Work @default.
• W2997473338 sameAs 2997473338 @default.
• W2997473338 citedByCount "52" @default.
• W2997473338 countsByYear W29974733382012 @default.
• W2997473338 countsByYear W29974733382013 @default.
• W2997473338 countsByYear W29974733382014 @default.
• W2997473338 countsByYear W29974733382015 @default.
• W2997473338 countsByYear W29974733382016 @default.
• W2997473338 countsByYear W29974733382017 @default.
• W2997473338 countsByYear W29974733382018 @default.
• W2997473338 countsByYear W29974733382019 @default.
• W2997473338 countsByYear W29974733382020 @default.
• W2997473338 countsByYear W29974733382021 @default.
• W2997473338 countsByYear W29974733382022 @default.
• W2997473338 countsByYear W29974733382023 @default.
• W2997473338 crossrefType "journal-article" @default.
• W2997473338 hasAuthorship W2997473338A5061282325 @default.
• W2997473338 hasAuthorship W2997473338A5077610917 @default.
• W2997473338 hasConcept C111065885 @default.
• W2997473338 hasConcept C111919701 @default.
• W2997473338 hasConcept C118643609 @default.
• W2997473338 hasConcept C121332964 @default.
• W2997473338 hasConcept C137287247 @default.
• W2997473338 hasConcept C150451098 @default.
• W2997473338 hasConcept C157486923 @default.
• W2997473338 hasConcept C164120249 @default.
• W2997473338 hasConcept C194222762 @default.
• W2997473338 hasConcept C199360897 @default.
• W2997473338 hasConcept C23123220 @default.
• W2997473338 hasConcept C2777904410 @default.
• W2997473338 hasConcept C41008148 @default.
• W2997473338 hasConcept C43126263 @default.
• W2997473338 hasConcept C510870499 @default.
• W2997473338 hasConcept C529173508 @default.
• W2997473338 hasConcept C61423126 @default.
• W2997473338 hasConcept C62520636 @default.
• W2997473338 hasConcept C63116202 @default.
• W2997473338 hasConcept C77088390 @default.
• W2997473338 hasConcept C97686452 @default.
• W2997473338 hasConcept C97854310 @default.
• W2997473338 hasConceptScore W2997473338C111065885 @default.
• W2997473338 hasConceptScore W2997473338C111919701 @default.
• W2997473338 hasConceptScore W2997473338C118643609 @default.
• W2997473338 hasConceptScore W2997473338C121332964 @default.
• W2997473338 hasConceptScore W2997473338C137287247 @default.
• W2997473338 hasConceptScore W2997473338C150451098 @default.
• W2997473338 hasConceptScore W2997473338C157486923 @default.
• W2997473338 hasConceptScore W2997473338C164120249 @default.
• W2997473338 hasConceptScore W2997473338C194222762 @default.
• W2997473338 hasConceptScore W2997473338C199360897 @default.
• W2997473338 hasConceptScore W2997473338C23123220 @default.
• W2997473338 hasConceptScore W2997473338C2777904410 @default.
• W2997473338 hasConceptScore W2997473338C41008148 @default.
• W2997473338 hasConceptScore W2997473338C43126263 @default.
• W2997473338 hasConceptScore W2997473338C510870499 @default.
• W2997473338 hasConceptScore W2997473338C529173508 @default.
• W2997473338 hasConceptScore W2997473338C61423126 @default.
• W2997473338 hasConceptScore W2997473338C62520636 @default.
• W2997473338 hasConceptScore W2997473338C63116202 @default.
• W2997473338 hasConceptScore W2997473338C77088390 @default.
• W2997473338 hasConceptScore W2997473338C97686452 @default.
• W2997473338 hasConceptScore W2997473338C97854310 @default.
• W2997473338 hasIssue "6" @default.
• W2997473338 hasLocation W29974733381 @default.

• next