Title | ||
---|---|---|
A security oriented program transformation to "add on" policies to prevent injection attacks. |
Abstract | ||
---|---|---|
Topping the list of the most prominent attacks on applications [6] are various types of injection attacks. Malicious inputs that cause injection attacks are numerous; programmers fail to write checks for all attack patterns. We define a program transformation that allows a programmer to think in terms of rectification policies and automatically add these policies to convert unsafe data inputs to safe inputs. The security oriented program transformation applies to all classes of injection attacks, easing the burden of programmers who would otherwise have to manually write checks. |
Year | DOI | Venue |
---|---|---|
2008 | 10.1145/1636642.1636654 | WRT@OOPSLA |
Keywords | Field | DocType |
unsafe data input,program transformation,input rectification policy,cause injection attack,injection attack,malicious input,various type,prominent attack,safe input,rectification policy,attack pattern | Injection attacks,Programmer,Program transformation,Attack patterns,Computer science,Computer security | Conference |
Citations | PageRank | References |
2 | 0.40 | 9 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Munawar Hafiz | 1 | 224 | 15.40 |
Ralph Johnson | 2 | 492 | 29.52 |