Title :
Notice of Retraction
A Static Analysis Tool for Detecting Web Application Injection Vulnerabilities for ASP Program
Author :
Xin-hua Zhang ; Zhi-jian Wang
Author_Institution :
Comput. & Inf. Eng. Coll., Hohai Univ., Nanjing, China
Abstract :
Notice of Retraction
After careful and considered review of the content of this paper by a duly constituted expert committee, this paper has been found to be in violation of IEEE's Publication Principles.
We hereby retract the content of this paper. Reasonable effort should be made to remove all past references to this paper.
The presenting author of this paper has the option to appeal this decision by contacting TPII@ieee.org.
Publicly reported vulnerabilities in Web applications have grown strongly in recent years. Cross-site scripting (XSS) and SQL injection have been the most dominant classes of web vulnerabilities, and Web application security has become a great challenge. To address this, this paper presents ASPWC, a static analysis tool that detects XSS and SQL injection vulnerabilities based on taint analysis. It tracks various kinds of external input, tags taint types, constructs a control flow graph, and uses the relevant data flow analysis information to follow tainted data as it propagates to various kinds of vulnerability functions, detecting XSS or SQL injection vulnerabilities in the web application's source code. Experiments show that the detection approach is effective; it can be used to detect XSS and SQL injection vulnerabilities in web applications developed with ASP technology.
Keywords :
SQL; authoring languages; data flow analysis; ASP program; SQL injection; Web application injection vulnerabilities; control flow graph; cross site scripting; data flow analysis; static analysis tool; Application software; Application specific processors; Computer security; Databases; Educational institutions; Flow graphs; Information analysis; Information security; Software design; Software testing;
Conference_Title :
e-Business and Information System Security (EBISS), 2010 2nd International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-5893-6
DOI :
10.1109/EBISS.2010.5473561