In an empirical study of fourteen widely used open source PHP web applications, we found that the vulnerability density of the aggregate code base decreased from 8.88 vulnerabilit...
James Walden, Maureen Doyle, Grant A. Welch, Micha...
Security remains a major roadblock to universal acceptance of the Web for many kinds of transactions, especially since the recent sharp increase in remotely exploitable vulnerabil...
Yao-Wen Huang, Fang Yu, Christian Hang, Chung-Hung...
Web applications are the Achilles heel of our current ICT infrastructure. NIST's national vulnerability database clearly shows that the percentage of vulnerabilities located ...
Lieven Desmet, Frank Piessens, Wouter Joosen, Pier...
Recently SQL Injection Attack (SIA) has become a major threat to Web applications. Via carefully crafted user input, attackers can expose or manipulate the back-end database of a ...
Xiang Fu, Xin Lu, Boris Peltsverger, Shijun Chen, ...
We present a new method for dynamically detecting potential data races in multithreaded programs. Our method improves on the state of the art in accuracy, in usability, and in ove...