FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4320168549> ?p ?o ?g. }

• W4320168549 abstract "Web application firewall (WAF) plays an integral role nowadays to protect web applications from various malicious injection attacks such as SQL injection, XML injection, and PHP injection, to name a few. However, given the evolving sophistication of injection attacks and the increasing complexity of tuning a WAF, it is challenging to ensure that the WAF is free of injection vulnerabilities such that it will block all malicious injection attacks without wrongly affecting the legitimate message. Automatically testing the WAF is, therefore, a timely and essential task. In this paper, we propose DaNuoYi, an automatic injection testing tool that simultaneously generates test inputs for multiple types of injection attacks on a WAF. Our basic idea derives from the cross-lingual translation in the natural language processing domain. In particular, test inputs for different types of injection attacks are syntactically different but may be semantically similar. Sharing semantic knowledge across multiple programming languages can thus stimulate the generation of more sophisticated test inputs and discovering injection vulnerabilities of the WAF that are otherwise difficult to find. To this end, in DaNuoYi, we train several injection translation models by using multi-task learning that translates the test inputs between any pair of injection attacks. The model is then used by a novel multi-task evolutionary algorithm to co-evolve test inputs for different types of injection attacks facilitated by a shared mating pool and domain-specific mutation operators at each generation. We conduct experiments on three real-world open-source WAFs and six types of injection attacks, the results reveal that DaNuoYi generates up to 3.8x and 5.78x more valid test inputs (i.e., bypassing the underlying WAF) than its state-of-the-art single-task counterparts and the context-free grammar-based injection construction." @default.
• W4320168549 created "2023-02-13" @default.
• W4320168549 creator A5014444917 @default.
• W4320168549 creator A5017100408 @default.
• W4320168549 creator A5088454541 @default.
• W4320168549 date "2022-06-12" @default.
• W4320168549 modified "2023-09-29" @default.
• W4320168549 title "Evolutionary Multi-Task Injection Testing on Web Application Firewalls" @default.
• W4320168549 doi "https://doi.org/10.48550/arxiv.2206.05743" @default.
• W4320168549 hasPublicationYear "2022" @default.
• W4320168549 type Work @default.
• W4320168549 citedByCount "0" @default.
• W4320168549 crossrefType "posted-content" @default.
• W4320168549 hasAuthorship W4320168549A5014444917 @default.
• W4320168549 hasAuthorship W4320168549A5017100408 @default.
• W4320168549 hasAuthorship W4320168549A5088454541 @default.
• W4320168549 hasBestOaLocation W43201685491 @default.
• W4320168549 hasConcept C136764020 @default.
• W4320168549 hasConcept C150451098 @default.
• W4320168549 hasConcept C158379750 @default.
• W4320168549 hasConcept C162324750 @default.
• W4320168549 hasConcept C164120249 @default.
• W4320168549 hasConcept C187736073 @default.
• W4320168549 hasConcept C194222762 @default.
• W4320168549 hasConcept C22927095 @default.
• W4320168549 hasConcept C2524010 @default.
• W4320168549 hasConcept C2777210771 @default.
• W4320168549 hasConcept C2780451532 @default.
• W4320168549 hasConcept C33923547 @default.
• W4320168549 hasConcept C38652104 @default.
• W4320168549 hasConcept C41008148 @default.
• W4320168549 hasConcept C86444895 @default.
• W4320168549 hasConcept C97854310 @default.
• W4320168549 hasConceptScore W4320168549C136764020 @default.
• W4320168549 hasConceptScore W4320168549C150451098 @default.
• W4320168549 hasConceptScore W4320168549C158379750 @default.
• W4320168549 hasConceptScore W4320168549C162324750 @default.
• W4320168549 hasConceptScore W4320168549C164120249 @default.
• W4320168549 hasConceptScore W4320168549C187736073 @default.
• W4320168549 hasConceptScore W4320168549C194222762 @default.
• W4320168549 hasConceptScore W4320168549C22927095 @default.
• W4320168549 hasConceptScore W4320168549C2524010 @default.
• W4320168549 hasConceptScore W4320168549C2777210771 @default.
• W4320168549 hasConceptScore W4320168549C2780451532 @default.
• W4320168549 hasConceptScore W4320168549C33923547 @default.
• W4320168549 hasConceptScore W4320168549C38652104 @default.
• W4320168549 hasConceptScore W4320168549C41008148 @default.
• W4320168549 hasConceptScore W4320168549C86444895 @default.
• W4320168549 hasConceptScore W4320168549C97854310 @default.
• W4320168549 hasLocation W43201685491 @default.
• W4320168549 hasOpenAccess W4320168549 @default.
• W4320168549 hasPrimaryLocation W43201685491 @default.
• W4320168549 hasRelatedWork W1607472309 @default.
• W4320168549 hasRelatedWork W2081647779 @default.
• W4320168549 hasRelatedWork W2291333157 @default.
• W4320168549 hasRelatedWork W2362122277 @default.
• W4320168549 hasRelatedWork W2384815038 @default.
• W4320168549 hasRelatedWork W2751450447 @default.
• W4320168549 hasRelatedWork W3128051602 @default.
• W4320168549 hasRelatedWork W3217387898 @default.
• W4320168549 hasRelatedWork W4237750775 @default.
• W4320168549 hasRelatedWork W4297475412 @default.
• W4320168549 isParatext "false" @default.
• W4320168549 isRetracted "false" @default.
• W4320168549 workType "article" @default.