Reference : An Integrated Approach for Effective Injection Vulnerability Analysis of Web Applicat...
Scientific journals : Article
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/32059
An Integrated Approach for Effective Injection Vulnerability Analysis of Web Applications through Security Slicing and Hybrid Constraint Solving
English
Thome, Julian mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Shar, Lwin Khin mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Bianculli, Domenico mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Briand, Lionel mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
In press
IEEE Transactions on Software Engineering
Institute of Electrical and Electronics Engineers
Yes (verified by ORBilu)
International
0098-5589
New York
NY
[en] Vulnerability detection ; Constraint solving ; Static analysis ; Search-based software engineering
[en] Malicious users can attack Web applications by exploiting injection
vulnerabilities in the source code. This work addresses the challenge of
detecting injection vulnerabilities in the server-side code of Java Web
applications in a scalable and effective way. We propose an integrated
approach that seamlessly combines security slicing with hybrid constraint
solving; the latter orchestrates automata-based
solving with meta-heuristic search. We use static analysis to extract minimal
program slices relevant to security from Web programs and to generate attack
conditions. We then apply hybrid constraint solving to determine the
satisfiability of attack conditions and thus detect vulnerabilities.


The experimental results, using a benchmark comprising a set of diverse and
representative Web applications/services as well as security benchmark
applications, show that our approach (implemented in the JOACO tool) is
significantly more effective at detecting injection vulnerabilities than
state-of-the-art approaches, achieving
98% recall, without producing any false alarm. We also compared the constraint
solving module of our approach with state-of-the-art constraint solvers, using
six different benchmark suites; our approach correctly solved the highest
number of constraints (665 out of 672), without producing any incorrect result,
and was the one with the least number of time-out/failing cases. In both
scenarios, the execution time was practically acceptable, given the offline
nature of vulnerability detection.
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Software Verification and Validation Lab (SVV Lab)
Fonds National de la Recherche - FnR
Researchers ; Professionals ; Students
http://hdl.handle.net/10993/32059
10.1109/TSE.2018.2844343
FnR ; FNR9132112 > Julian Thomé > HyVAn > A Scalable And Accurate Hybrid Vulnerability Analysis Framework > 01/09/2014 > 14/04/2018 > 2014

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
tse2018.pdfAuthor postprint702.72 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.