Title :
Path sensitive static analysis of web applications for remote code execution vulnerability detection
Author :
Yunhui Zheng ; Xiangyu Zhang
Author_Institution :
Dept. of Comput. Sci., Purdue Univ., West Lafayette, IN, USA
Abstract :
Remote code execution (RCE) attacks are one of the most prominent security threats for web applications. It is a special kind of cross-site-scripting (XSS) attack that allows client inputs to be stored and executed as server side scripts. RCE attacks often require coordination of multiple requests and manipulation of string and non-string inputs from the client side to nullify the access control protocol and induce unusual execution paths on the server side. We propose a path- and context-sensitive interprocedural analysis to detect RCE vulnerabilities. The analysis features a novel way of analyzing both the string and non-string behavior of a web application in a path sensitive fashion. It thoroughly handles the practical challenges entailed by modeling RCE attacks. We develop a prototype system and evaluate it on ten real-world PHP applications. We have identified 21 true RCE vulnerabilities, with 8 unreported before.
Keywords :
Internet; authorisation; program diagnostics; PHP application; RCE attack modeling; RCE vulnerabilities detection; Web application; XSS attack; access control protocol; context-sensitive interprocedural analysis; cross-site-scripting attack; path sensitive static analysis; path-sensitive interprocedural analysis; remote code execution attacks; remote code execution vulnerability detection; security threats; server side scripts; Access control; Cognition; Context; Semantics; Servers; Standards;
Conference_Titel :
Software Engineering (ICSE), 2013 35th International Conference on
Conference_Location :
San Francisco, CA
Print_ISBN :
978-1-4673-3073-2
DOI :
10.1109/ICSE.2013.6606611
