The Vulnerability Analysis Framework for Java Bytecode
Parallel and Distributed Systems(2009)
摘要
Since Java web applications are used widely in Internet today, the security of it becomes an outstanding problem. The attacks, including SQL injection attack, XSS attack, and etc, are great challenges for the Java application. This paper presents the vulnerability analysis framework to detect the security hole in the Java web applications. The framework combines the techniques of the static points-to dataflow analysis, the dynamical instrument and the fuzzing test. With the cooperation of these static and dynamical analysis techniques, it can improve the efficiency and accuracy of the analysis and lower the false positive rate.
更多查看译文
关键词
vulnerability analysis,static points-to dataflow analysis,vulnerability analysis framework,security hole,analysis framework,java bytecode,java web application,static points-to-dataflow analysis,fuzzing test,xss attack,dynamical instrument,sql injection attack,java application,static analysis,internet,data flow analysis,dynamical analysis technique,java,dynamical analysis,security of data,false positive rate,databases,security,tv,construction industry
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要