PLDI '90 Proceedings of the ACM SIGPLAN 1990 conference on Programming language design and implementation
Certification of programs for secure information flow
Communications of the ACM
Abstracting application-level web security
Proceedings of the 11th international conference on World Wide Web
Using CQUAL for Static Analysis of Authorization Hook Placement
Proceedings of the 11th USENIX Security Symposium
Threat Modeling
Securing web application code by static analysis and runtime protection
Proceedings of the 13th international conference on World Wide Web
Finding application errors and security flaws using PQL: a program query language
OOPSLA '05 Proceedings of the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks
Proceedings of the 20th IEEE/ACM international Conference on Automated software engineering
Using parse tree validation to prevent SQL injection attacks
SEM '05 Proceedings of the 5th international workshop on Software engineering and middleware
The essence of command injection attacks in web applications
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
SecuBat: a web vulnerability scanner
Proceedings of the 15th international conference on World Wide Web
Hacking Exposed Web Applications, Second Edition
Hacking Exposed Web Applications, Second Edition
An Automatic Revised Tool for Anti-Malicious Injection
CIT '06 Proceedings of the Sixth IEEE International Conference on Computer and Information Technology
Using positive tainting and syntax-aware evaluation to counter SQL injection attacks
Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering
Detecting format string vulnerabilities with type qualifiers
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Finding user/kernel pointer bugs with type inference
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation
IEEE Transactions on Software Engineering
Automatic generation of XSS and SQL injection attacks with goal-directed model checking
SS'08 Proceedings of the 17th conference on Security symposium
SQLProb: a proxy-based architecture towards preventing SQL injection attacks
Proceedings of the 2009 ACM symposium on Applied Computing
Automatic creation of SQL Injection and cross-site scripting attacks
ICSE '09 Proceedings of the 31st International Conference on Software Engineering
Swaddler: an approach for the anomaly-based detection of state violations in web applications
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Defending against injection attacks through context-sensitive string evaluation
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
| Hi-index | 0.00 |
Current web applications have many inherent vulnerabilities; in fact, in 2008, over 63% of all documented vulnerabilities are for web applications. While many approaches have been proposed to address various web application vulnerability issues, there has not been a study to investigate whether these vulnerabilities share any common properties. In this paper, we use an approach similar to the Goal-Question-Metric approach to empirically investigate four questions regarding open source web applications vulnerabilities: What proportion of security vulnerabilities in web applications can be considered as implementation vulnerabilities? Are these vulnerabilities the result of interactions between web applications and external systems? What is the proportion of vulnerable lines of code within a web application? Are implementation vulnerabilities caused by implicit or explicit data flows? The results from the investigation show that implementation vulnerabilities dominate. They are caused through interactions between web applications and external systems. Furthermore, these vulnerabilities only contain explicit data flows, and are limited to relatively small sections of the source code.