Automated Security Analysis of Dynamic Web Applications through Symbolic Code Execution

Author

Agosta, Giovanni ; Barenghi, Alessandro ; Parata, Antonio ; Pelosi, Gerardo

Author_Institution

Dipt. di Elettron. e Inf. (DEI), Politec. di Milano, Milan, Italy

fYear

2012

fDate

16-18 April 2012

Firstpage

189

Lastpage

194

Abstract

The automatic identification of security vulnerabilities is a critical issue in the development of web-based applications. We present a methodology and tool for vulnerability identification based on symbolic code execution exploiting Static Taint Analysis to improve the efficiency of the analysis. The tool targets PHP web applications, and demonstrates the effectiveness of our approach in identifying cross-site scripting and SQL injection vulnerabilities on both NIST synthetic benchmarks and real world applications. It proves to be faster and more effective than its main competitors, both open source and commercial.

Keywords

Internet; SQL; program diagnostics; security of data; NIST synthetic benchmarks; PHP Web applications; SQL injection vulnerabilities; analysis efficiency improvement; automated security analysis; cross-site scripting vulnerabilities; dynamic Web applications; security vulnerabilities; static taint analysis; symbolic code execution; vulnerability identification; Benchmark testing; History; NIST; Security; Servers; Software; Web pages; Cross-Site Scripting; SQL Injection; Static Taint Analysis; Symbolic Execution;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Technology: New Generations (ITNG), 2012 Ninth International Conference on

Conference_Location

Las Vegas, NV

Print_ISBN

978-1-4673-0798-7

Type

conf

DOI

10.1109/ITNG.2012.167

Filename

6209165