Programming Perl
Detecting format string vulnerabilities with type qualifiers
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
High coverage detection of input-related security facults
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks
Proceedings of the 20th IEEE/ACM international Conference on Automated software engineering
The essence of command injection attacks in web applications
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Preventing SQL injection attacks using AMNESIA
Proceedings of the 28th international conference on Software engineering
Precise alias analysis for static detection of web application vulnerabilities
Proceedings of the 2006 workshop on Programming languages and analysis for security
Exploit hijacking: side effects of smart defenses
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Bridging the gap between web application firewalls and web applications
Proceedings of the fourth ACM workshop on Formal methods in security
Using positive tainting and syntax-aware evaluation to counter SQL injection attacks
Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering
Defeating script injection attacks with browser-enforced embedded policies
Proceedings of the 16th international conference on World Wide Web
Proceedings of the 2007 ACM symposium on Applied computing
Sound and precise analysis of web applications for injection vulnerabilities
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Using web application construction frameworks to protect against code injection attacks
Proceedings of the 2007 workshop on Programming languages and analysis for security
Dytan: a generic dynamic taint analysis framework
Proceedings of the 2007 international symposium on Software testing and analysis
CANDID: preventing sql injection attacks using dynamic candidate evaluations
Proceedings of the 14th ACM conference on Computer and communications security
Multi-module vulnerability analysis of web-based applications
Proceedings of the 14th ACM conference on Computer and communications security
Efficient fine-grained binary instrumentationwith applications to taint-tracking
Proceedings of the 6th annual IEEE/ACM international symposium on Code generation and optimization
Proposing SQL statement coverage metrics
Proceedings of the fourth international workshop on Software engineering for secure systems
Dynamic multi-process information flow tracking for web application security
Proceedings of the 2007 ACM/IFIP/USENIX international conference on Middleware companion
ISCA '08 Proceedings of the 35th Annual International Symposium on Computer Architecture
Finding bugs in dynamic web applications
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Spectator: detection and containment of JavaScript worms
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
XSS-GUARD: Precise Dynamic Prevention of Cross-Site Scripting Attacks
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
On the Limits of Information Flow Techniques for Malware Analysis and Containment
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
SQLProb: a proxy-based architecture towards preventing SQL injection attacks
Proceedings of the 2009 ACM symposium on Applied Computing
Lightweight self-protecting JavaScript
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Merlin: specification inference for explicit information flow problems
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Automatic creation of SQL Injection and cross-site scripting attacks
ICSE '09 Proceedings of the 31st International Conference on Software Engineering
Improving application security with data flow assertions
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Ripley: automatically securing web 2.0 applications through replicated execution
Proceedings of the 16th ACM conference on Computer and communications security
XCS: cross channel scripting and its impact on web applications
Proceedings of the 16th ACM conference on Computer and communications security
Efficient character-level taint tracking for Java
Proceedings of the 2009 ACM workshop on Secure web services
A hybrid analysis framework for detecting web application vulnerabilities
IWSESS '09 Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems
CANDID: Dynamic candidate evaluations for automatic prevention of SQL injection attacks
ACM Transactions on Information and System Security (TISSEC)
Preventing drive-by download via inter-module communication monitoring
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Prevention of cross-site scripting attacks on current web applications
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Static and dynamic analysis for web security in industry applications
International Journal of Electronic Security and Digital Forensics
An empirical investigation into open source web applications' implementation vulnerabilities
Empirical Software Engineering
Static analysis for detecting taint-style vulnerabilities in web applications
Journal of Computer Security
Toward automated detection of logic vulnerabilities in web applications
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
WebAppArmor: a framework for robust prevention of attacks on web applications
ICISS'10 Proceedings of the 6th international conference on Information systems security
SessionShield: lightweight protection against session hijacking
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
GuardRails: a data-centric web application security framework
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
PHP Aspis: using partial taint tracking to protect against injection attacks
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
Practical elimination of external interaction vulnerabilities in web applications
Journal of Web Engineering
Toward secure embedded web interfaces
SEC'11 Proceedings of the 20th USENIX conference on Security
Preventing web application injections with complementary character coding
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Crouching tiger - hidden payload: security risks of scalable vectors graphics
Proceedings of the 18th ACM conference on Computer and communications security
SCRIPTGARD: automatic context-sensitive sanitization for large-scale legacy web applications
Proceedings of the 18th ACM conference on Computer and communications security
Position paper: why are there so many vulnerabilities in web applications?
Proceedings of the 2011 workshop on New security paradigms workshop
Defining code-injection attacks
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
PSIAQOP: preventing SQL injection attacks based on query optimization process
Proceedings of the Second Kuwait Conference on e-Services and e-Systems
Automatically preparing safe SQL queries
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Privacy injector — automated privacy enforcement through aspects
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
A survey on detection techniques to prevent cross-site scripting attacks on current web applications
CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
Secure code generation for web applications
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Idea: using system level testing for revealing SQL injection-related error message information leaks
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Taint-enhanced anomaly detection
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Quo vadis? a study of the evolution of input validation vulnerabilities in web applications
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
SafeWeb: a middleware for securing ruby-based web applications
Middleware'11 Proceedings of the 12th ACM/IFIP/USENIX international conference on Middleware
An empirical analysis of input validation mechanisms in web applications and languages
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Towards a taint mode for cloud computing web applications
Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
A taint mode for python via a library
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Scriptless attacks: stealing the pie without touching the sill
Proceedings of the 2012 ACM conference on Computer and communications security
Automating presentation changes in dynamic web applications via collaborative hybrid analysis
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering
International Journal of Computer Applications in Technology
SafeWeb: a middleware for securing ruby-based web applications
Proceedings of the 12th International Middleware Conference
Towards fully automatic placement of security sanitizers and declassifiers
POPL '13 Proceedings of the 40th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Inlined monitors for security policy enforcement in web applications
Proceedings of the 17th Panhellenic Conference on Informatics
Diglossia: detecting code injection attacks with precision and efficiency
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
25 million flows later: large-scale detection of DOM-based XSS
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
deDacota: toward preventing server-side XSS via automatic code and data separation
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
PreparedJS: secure script-templates for javascript
DIMVA'13 Proceedings of the 10th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
A survey on server-side approaches to securing web applications
ACM Computing Surveys (CSUR)
Proceedings of the 23rd international conference on World wide web
Automated detection of parameter tampering opportunities and vulnerabilities in web applications
Journal of Computer Security
Hi-index | 0.00 |
Injection vulnerabilities pose a major threat to application-level security. Some of the more common types are SQL injection, cross-site scripting and shell injection vulnerabilities. Existing methods for defending against injection attacks, that is, attacks exploiting these vulnerabilities, rely heavily on the application developers and are therefore error-prone. In this paper we introduce CSSE, a method to detect and prevent injection attacks. CSSE works by addressing the root cause why such attacks can succeed, namely the ad-hoc serialization of user-provided input. It provides a platform-enforced separation of channels, using a combination of assignment of metadata to user-provided input, metadata-preserving string operations and context-sensitive string evaluation. CSSE requires neither application developer interaction nor application source code modifications. Since only changes to the underlying platform are needed, it effectively shifts the burden of implementing countermeasures against injection attacks from the many application developers to the small team of security-savvy platform developers. Our method is effective against most types of injection attacks, and we show that it is also less error-prone than other solutions proposed so far. We have developed a prototype CSSE implementation for PHP, a platform that is particularly prone to these vulnerabilities. We used our prototype with phpBB, a well-known bulletin-board application, to validate our method. CSSE detected and prevented all the SQL injection attacks we could reproduce and incurred only reasonable run-time overhead.