http://dx.doi.org/10.13089/JKIISC.2007.17.6.149

String analysis for detection of injection flaw in Web applications  

Choi, Tae-Hyoung (Department of Computer Science and Engineering, Hanyang University)
Kim, Jung-Joon (NEX1 FUTURE Co., Ltd.)
Doh, Kyung-Goo (Department of Computer Science and Engineering, Hanyang University)
Abstract
One common type of web-application vulnerability is the injection flaw, where an attacker exploits faulty application code with crafted input instead of normal input. To be free from injection flaws, an application program should be written in such a way that every potentially bad input character is filtered out. This paper proposes a precise analysis that statically checks whether or not an input string variable may contain characters from a given set at a hotspot. The precision is achieved by taking the semantics of conditions into account in the analysis.
Keywords
Static analysis; web application vulnerability