• DocumentCode
    3649017
  • Title

    On Security Analysis of PHP Web Applications

  • Author

    David Hauzar;Jan Kofron

  • Author_Institution
    Fac. of Math. &
  • fYear
    2012
  • fDate
    7/1/2012 12:00:00 AM
  • Firstpage
    577
  • Lastpage
    582
  • Abstract
    In recent years, focus of business world has been moved towards the Internet. Web applications provide a generous interface non-stop thus offering to malicious users a wide spectrum of possible attacks. Consequently, the security of web applications has become a crucial issue. The state-of-the-art tools for bug discovery in languages used for web-application development, such as PHP, suffer from a relatively high false-positive rate and low coverage of real errors; this is caused mainly by unprecise modeling of dynamic features of such languages and path-insensivity of the tools. In this paper, we will demonstrate weak points of the tools and describe our novel approach to these issues. We will show how our technique handles some of the situations where other tools fail and illustrate it on examples.
  • Keywords
    "Indexes","Concrete","Data models","Arrays","Object oriented modeling","Image edge detection","Analytical models"
  • Publisher
    ieee
  • Conference_Titel
    Computer Software and Applications Conference Workshops (COMPSACW), 2012 IEEE 36th Annual
  • Print_ISBN
    978-1-4673-2714-5
  • Type

    conf

  • DOI
    10.1109/COMPSACW.2012.106
  • Filename
    6341638