Abstract | ||
---|---|---|
"Invalidated Input" is Top One Critical Web Application Security Vulnerabilities according to have been released by Open Web Applications Security Project (OWASP) on July 14, 2004. Many web application security vulnerabilities result from generic input validation problems. Some sites attempt to protect themselves by filtering malicious input, but it may not be viable to modify the source of such components. We have tried to develop an automatic defense mechanism that can produce a proper input validation function on security gateway to filter malicious injection. To verify the efficiency of the tool, we picked the websites made up of some Web applications often contain third-party vulnerable components which was shipped in binary form. Among our experiments, the defense mechanism can automatically organize validation functions to avoid malicious injection attack. abstract environment. |
Year | DOI | Venue |
---|---|---|
2007 | 10.1007/978-3-540-74573-0_11 | NBiS |
Keywords | Field | DocType |
proper input validation function,malicious input,malicious injection attack,generic input validation problem,automatic meta-revised mechanism,security project,malicious injection,open web applications,anti-malicious injection,web application,validation function,critical web application security,input validation,defense mechanism,black box testing,web application security | Data validation,Computer science,Computer security,Computer network,Filter (signal processing),White-box testing,Default gateway,Web application security,Web application,Vulnerability | Conference |
Volume | ISSN | ISBN |
4658 | 0302-9743 | 3-540-74572-6 |
Citations | PageRank | References |
3 | 0.64 | 9 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Jin-Cherng Lin | 1 | 136 | 16.88 |
Jan-Min Chen | 2 | 31 | 4.79 |
Hsing-Kuo Wong | 3 | 19 | 1.58 |