ANOVUL: Detection of Logic Vulnerabilities in Annotated Programs via Data and Control Flow Analysis

Logic vulnerabilities are largely dependent on the expected functions of web applications. Their appearance depends on both application logic and related security policy which may change based on modifications in business requirements. Accordingly, there are no specific and common patterns for logic vulnerabilities moreover, a security policy is required for their detection. In this study, a vulne...