A web-application vulnerability detection model
Abstract
A web-application vulnerability detection model based on static analysis of source codes is proposed. Evaluation system used by the vulnerability detection model is described. Several ways of extending the model for certain difficult cases are shown.
About the Authors
V. V. Bakhtizin
Белорусский государственный университет информатики и радиоэлектроники
Belarus
Belarus
D. E. Onoshko
Белорусский государственный университет информатики и радиоэлектроники
Belarus
Belarus
References
1. OWASP Top 10-2013. The Ten Most Critical Web Application Security Risks. [Электронный ресурс]. - Режим доступа: http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202013.pdf. - Дата доступа: 31.10.2013.
2. Фаулер М. Архитектура корпоративных программных приложений. М., 2006.
3. Patrick Cousot, Radhia Cousot // Conference Record of the Fourth ACM Symposium on Principles of Programming Languages. Los Angeles, California, USA, January, 1977. P. 238-252
4. Making Wrong Code Look Wrong - Joel on Software. [Электронный ресурс]. - Режим доступа: http://www.joelonsoftware.com/articles/Wrong.html. - Дата доступа: 21.12.2014.
Review
For citations:
Bakhtizin V.V., Onoshko D.E. A web-application vulnerability detection model. Doklady BGUIR. 2016;(1):5-11. (In Russ.)
Views: 323
Email this article 