The essence of command injection attacks in web applications
DOI10.1145/1111037.1111070zbMATH Open1369.68158OpenAlexW2144696387MaRDI QIDQ5348937FDOQ5348937
Authors: Zhendong Su, Gary Wassermann 
Publication date: 21 August 2017
Published in: Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages (Search for Journal in Brave)
Full work available at URL: https://doi.org/10.1145/1111037.1111070
Recommendations
Mathematical aspects of software engineering (specification, verification, metrics, requirements, etc.) (68N30) Database theory (68P15) Grammars and rewriting systems (68Q42) Internet topics (68M11)
Cited In (10)
- Defining code-injection attacks
- Context-oriented web application protection model
- Trading plaintext-awareness for simulatability to achieve chosen ciphertext security
- Automation of the construction of models of normal program behavior
- A novel method for SQL injection attack detection based on removing SQL query attribute values
- Preventing injection attacks with syntax embeddings
- Static detection of DoS vulnerabilities in programs that use regular expressions
- A survey on server-side approaches to securing web applications
- Formal methods for web security
- Applied Cryptography and Network Security
This page was built for publication: The essence of command injection attacks in web applications
Report a bug (only for logged in users!)Click here to report a bug for this page (MaRDI item Q5348937)
