Title :
The Vulnerability Analysis Framework for Java Bytecode
Author :
Hong, Tang ; Hua, Chen ; Gang, Zhao ; Qiang, Liu ; Jinjin, Zhao
Author_Institution :
Beijing Inst. of Syst. Eng., Beijing, China
Abstract :
Java web applications are now widely used on the Internet, and their security has become a prominent problem. Attacks such as SQL injection and XSS are major challenges for Java applications. This paper presents a vulnerability analysis framework to detect security holes in Java web applications. The framework combines static points-to dataflow analysis, dynamic instrumentation, and fuzz testing. By combining these static and dynamic analysis techniques, it can improve the efficiency and accuracy of the analysis and lower the false positive rate.
Keywords :
Internet; Java; data flow analysis; security of data; Java bytecode; dynamical analysis; false positive rate; fuzzing test; security hole; static analysis; static points-to-dataflow analysis; vulnerability analysis; Application software; Data analysis; Data security; Information analysis; Performance analysis; Programming profession; Systems engineering and theory; Testing; analysis framework
Conference_Title :
Parallel and Distributed Systems (ICPADS), 2009 15th International Conference on
Conference_Location :
Shenzhen
Print_ISBN :
978-1-4244-5788-5
DOI :
10.1109/ICPADS.2009.74