In recent years, huge increase in attacks and data breaches is noticed. Most of the attacks are performed and focused on the vulnerabilities related to web applications. Hence, nowadays the mitigation of application v...
详细信息
In recent years, huge increase in attacks and data breaches is noticed. Most of the attacks are performed and focused on the vulnerabilities related to web applications. Hence, nowadays the mitigation of application vulnerabilities is an ignited research area. Thus, due to the potential high severity impacts of web application, many different approaches have been proposed in the past decades to mitigate the damages of application vulnerabilities. Static and dynamic analysis are the two main techniques used. In this paper, a new classification for web application input validation vulnerabilities is proffered. In addition, various techniques/tools that are used to detect them are analyzed and evaluated to apprehend their strengths and weaknesses. Thus, this paper provides both technical as well as literature countermeasures to input validation vulnerabilities. Moreover, various statistical distributions of the reviewed techniques were manifested and scrutinize in different aspects to reveal the perception of the prevailing techniques and the gaps in the literature. In addition, the most widespread metrics are also propounded.
Estimating the robustness of software in the presence of invalid inputs has long been a challenging task owing to the fact that developers usually fail to take the necessary action to validate inputs during the design...
详细信息
Estimating the robustness of software in the presence of invalid inputs has long been a challenging task owing to the fact that developers usually fail to take the necessary action to validate inputs during the design and implementation of software. We propose a method for estimating the robustness of software in relation to input validation vulnerabilities using Bayesian networks. The proposed method runs on all program functions and/or methods. It calculates a robustness value using information on the existence of inputvalidation code in the functions and utilizing common weakness scores of known input validation vulnerabilities. In the case study, ten well-known software libraries implemented in the JavaScript language, which are chosen because of their increasing popularity among software developers, are evaluated. Using our method, software development teams can track changes made to software to deal with invalid inputs.
Structured Query Language injection (SQLi) and Cross-Site Scripting (XSS) are the most renowned kinds of input validation vulnerabilities. Of late, vulnerability prediction models based on machine learning have been g...
详细信息
Structured Query Language injection (SQLi) and Cross-Site Scripting (XSS) are the most renowned kinds of input validation vulnerabilities. Of late, vulnerability prediction models based on machine learning have been gaining acceptance in the domain of Web security. Such models offer an easy and effective way of dealing with web application security concerns. However, most of them, in particular, rely on complex graphs generated from source code or regex patterns based on expert knowledge. This paper proposed a method for extracting features from source code and predicting input validation vulnerabilities using machine learning algorithms. The proposed method can extract all features related to the flow of vulnerabilities among the programs and remove the features that are irrelevant to the vulnerability flow. In addition, each vulnerability's context has been assigned, providing additional data for our model to use in learning about the vulnerability context. Compared to other related methods, the feature extraction method proposed in this paper has been found to have high reusability and better performance. The best model related to the LSTM classifier had a 98.1% recall rate, a 97.9% precision, an accuracy of 98.67%, and a 99.03% area under the curve (AUC) in the test dataset.
6Although a large research effort on web application security has been going on for more than a decade, the security of web applications continues to be a challenging problem. An important part of that problem derives...
详细信息
6Although a large research effort on web application security has been going on for more than a decade, the security of web applications continues to be a challenging problem. An important part of that problem derives from vulnerable source code, often written in unsafe languages like PHP. Source code static analysis tools are a solution to find vulnerabilities, but they tend to generate false positives, and require considerable effort for programmers to manually fix the code. We explore the use of a combination of methods to discover vulnerabilities in source code with fewer false positives. We combine taint analysis, which finds candidate vulnerabilities, with data mining, to predict the existence of false positives. This approach brings together two approaches that are apparently orthogonal: humans coding the knowledge about vulnerabilities (for taint analysis), joined with the seemingly orthogonal approach of automatically obtaining that knowledge (with machine learning, for data mining). Given this enhanced form of detection, we propose doing automatic code correction by inserting fixes in the source code. Our approach was implemented in the WAP tool, and an experimental evaluation was performed with a large set of PHP applications. Our tool found 388 vulnerabilities in 1.4 million lines of code. Its accuracy and precision were approximately 5% better than PhpMinerII's and 45% better than Pixy's.
Web application security is an important problem in today's internet. A major cause of this status is that many programmers do not have adequate knowledge about secure coding, so they leave applications with vulne...
详细信息
ISBN:
(纸本)9781450327442
Web application security is an important problem in today's internet. A major cause of this status is that many programmers do not have adequate knowledge about secure coding, so they leave applications with vulnerabilities. An approach to solve this problem is to use source code static analysis to find these bugs, but these tools are known to report many false positives that make hard the task of correcting the application. This paper explores the use of a hybrid of methods to detect vulnerabilities with less false positives. After an initial step that uses taint analysis to flag candidate vulnerabilities, our approach uses data mining to predict the existence of false positives. This approach reaches a trade-off between two apparently opposite approaches: humans coding the knowledge about vulnerabilities (for taint analysis) versus automatically obtaining that knowledge (with machine learning, for data mining). Given this more precise form of detection, we do automatic code correction by inserting fixes in the source code. The approach was implemented in the WAP tool (1) and an experimental evaluation was performed with a large set of open source PHP applications.
For over two decades, the web has been evolving from a simple set of hypermedia documents to a complex ecosystem of web applications that are supported by various frameworks. This paradigm shift has been promoting a s...
详细信息
For over two decades, the web has been evolving from a simple set of hypermedia documents to a complex ecosystem of web applications that are supported by various frameworks. This paradigm shift has been promoting a series of practices that lead to an increasing number of vulnerabilities, which can compromise the security of web appli- cations. One of the main contributing factors lies in vulnerable source code, written in unsafe languages such as PHP. In order to mitigate the problem, a large research effort on web application security has occurred over the past years. Source code static analysis tools perform the task of finding program vulnerabilities in an automated fashion. These tools offer superior code coverage, easier integration into the application development cycle, and do not require the actual code to be executed. They instead perform source code analysis, looking for poten- tial bugs while inspecting the program code. However, the analysis performed by these tools depends on their knowledge of the classes of vulnerabilities and the implementation of analysis techniques, such as taint analysis. This means that, on one hand, the tools only search for vulnerabilities in the source code that they hold knowledge of, being unable to find other kinds of problems. On the other hand, the tools may generate false positives and false negatives, due to the limitations and incompleteness of implemented analysis techniques. One of such tools is the Web Application Protection (WAP). The main objective of this dissertation is to identify problems with WAP and improve its vulnerability detec- tion capabilities, when processing open source PHP code. Four static analysis tools - WAP, Pixy, phpSAFE and RIPS - are evaluated against a set of WordPress plugins that are known to be vulnerable, in order to collect examples of incorrect processing of the tools which lead, for instance, to false negatives. Additionally, we define and evaluate several use cases for a common foun
暂无评论