Current intrusion detection systems work in isolation from access control for the application the systems aim to protect. The lack of coordination and inter-operation between thes...
Tatyana Ryutov, B. Clifford Neuman, Dong-Ho Kim, L...
Abstract. The Internet, and in particular the world-wide web, have become part of the everyday life of millions of people. With the growth of the web, the demand for on-line servic...
Manuel Egele, Martin Szydlowski, Engin Kirda, Chri...
SQL injection attacks potentially affect all applications, especially web applications, that utilize a database backend. While these attacks are generally against the application...
We present a static control-flow analysis for JavaScript programs running in a web browser. Our analysis tackles numerous challenges posed by modern web applications including asy...
Web applications rely heavily on client-side computation to examine and validate form inputs that are supplied by a user (e.g., “credit card expiration date must be valid”). T...