Logic flaws are an important class of vulnerabilities in web applications: they allow sensitive information and restricted operations to be accessed at inappropriate application states. In this paper, we take a first step towards a systematic black-box approach to identifying logic vulnerabilities in web applications. We first construct a partial finite state machine (FSM) over the expected input domain by collecting and analyzing the execution traces produced when users follow the navigation paths within the web application. Then, we test the application at each state by constructing unexpected input vectors and evaluating the corresponding web responses. We implement a prototype system, LogicScope, and demonstrate its effectiveness on a set of real-world web applications.
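The two-step methodology the abstract describes, reduced to a self-contained toy: learn a partial FSM from traces of the intended navigation paths, then at every learned state send the requests that were never observed there and flag the ones the application accepts. This is an added illustration, not code from the LogicScope paper or its authors. The web application is replaced by two in-process simulators, one that enforces its checkout workflow and one with a constructed flaw; the state names, URLs and traces are all constructed.

```python
from collections import defaultdict

# Constructed traces of users following the intended checkout flow, recorded as
# (state_before, request, state_after). States are labels the tester assigns to
# the observed pages; requests are the URLs that were issued.
EXPECTED_TRACES = [
    [("browse", "/cart/add", "cart"), ("cart", "/checkout", "payment"),
     ("payment", "/pay", "paid"), ("paid", "/order/confirm", "confirmed")],
    [("browse", "/cart/add", "cart"), ("cart", "/cart/add", "cart")],
]


def build_fsm(traces):
    """Step 1: partial FSM over the expected input domain, state -> {request: next_state}."""
    fsm = defaultdict(dict)
    for trace in traces:
        for src, req, dst in trace:
            fsm[src][req] = dst
            fsm[dst]  # make sure terminal states appear even without outgoing edges
    return {state: dict(trans) for state, trans in fsm.items()}


def unexpected_inputs(fsm):
    """Requests the application handles somewhere, but that were never observed at this state."""
    all_requests = {req for trans in fsm.values() for req in trans}
    return {state: sorted(all_requests - set(trans)) for state, trans in fsm.items()}


EXPECTED_FSM = build_fsm(EXPECTED_TRACES)


def enforcing_app(state, request):
    """Simulated server (constructed) that only honours requests valid in the current state."""
    nxt = EXPECTED_FSM.get(state, {}).get(request)
    if nxt is None:
        return {"status": 403, "state": state}
    return {"status": 200, "state": nxt}


def flawed_app(state, request):
    """Same simulated server with a constructed logic flaw: the order-confirmation
    handler checks that checkout was reached but not that the order was paid for."""
    if request == "/order/confirm" and state in ("payment", "paid"):
        return {"status": 200, "state": "confirmed"}
    return enforcing_app(state, request)


def probe(app, fsm):
    """Step 2: at each state, send every unexpected request and flag the ones the
    application accepts. Against a live target the tester would replay the trace
    prefix leading to `state` before issuing each request; the simulator takes
    the state directly."""
    findings = []
    for state, reqs in unexpected_inputs(fsm).items():
        for req in reqs:
            resp = app(state, req)
            if resp["status"] == 200:
                findings.append((state, req, resp["state"]))
    return findings


if __name__ == "__main__":
    for name, app in (("enforcing", enforcing_app), ("flawed", flawed_app)):
        print(name, probe(app, EXPECTED_FSM))
```

Run against the enforcing simulator the probe reports nothing; against the flawed one it reports that `/order/confirm` is accepted in the `payment` state and lands the user in `confirmed`, which is exactly the kind of state violation the abstract calls a logic flaw. A real implementation would compare the unexpected response against the response the same request produces from its expected state rather than relying on the status code alone, since many applications answer out-of-order requests with a 200 error page.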