• DocumentCode
    700389
  • Title

    Protecting web applications via Unicode extension

  • Author

    Zekan, Boze ; Shtern, Mark ; Tzerpos, Vassilios

  • Author_Institution
    Electr. Eng. & Comput. Sci., York Univ., Toronto, ON, Canada
  • fYear
    2015
  • fDate
    2-6 March 2015
  • Firstpage
    419
  • Lastpage
    428
  • Abstract
    Protecting web applications against security attacks, such as command injection, is an issue that has been attracting increasing attention as such attacks are becoming more prevalent. Taint tracking is an approach that achieves protection while offering significant maintenance benefits when implemented at the language library level. This allows the transparent re-engineering of legacy web applications without the need to modify their source code. Such an approach can be implemented at either the string or the character level.
  • Keywords
    program debugging; security of data; software maintenance; command injection; language library level; legacy Web application; maintenance benefit; security attack; taint tracking; unicode extension; Databases; Java; Operating systems; Prototypes; Security; Servers;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Analysis, Evolution and Reengineering (SANER), 2015 IEEE 22nd International Conference on
  • Conference_Location
    Montreal, QC
  • Type

    conf

  • DOI
    10.1109/SANER.2015.7081852
  • Filename
    7081852
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=700389