SQL injection and cross-site scripting are two of the most common security vulnerabilities that plague web applications today. These and many others result from having unchecked data input reach security-sensitive operations. This paper describes a language called PQL (Program Query Language) that allows users to specify information flow patterns succinctly and declaratively. We have developed a static, context-sensitive but flow-insensitive information flow tracking analysis that can be used to find all the vulnerabilities in a program. In the event that the analysis generates too many warnings, the result can be used to drive a model-checking system to analyze more precisely. Model checking is also used to automatically generate the input vectors that expose the vulnerability. Any remaining behavior these static analyses have not isolated may be checked dynamically. The results of the static analyses may be used to optimize these dynamic checks. Our experimental results indicate the language is expressive enough for describing a large number of vulnerabilities succinctly. We have analyzed over nine applications, detecting 30 serious security vulnerabilities. We were also able to automatically recover from attacks as they occurred using the dynamic checker.