Internet Archive Scholar

On Security Analysis of PHP Web Applications

David Hauzar, Jan Kofron
2012 2012 IEEE 36th Annual Computer Software and Applications Conference Workshops  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (175.0 kB)
https://web.archive.org/web/20120806162527/http://d3s.mff.cuni.cz/publications/download/2012-STPSA-HauzarKofron-OnSecurityAnalysisOfPHP.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2012; you can also visit the original URL. The file type is application/pdf.

In recent years, focus of business world has been moved towards the Internet. Web applications provide a generous interface non-stop thus offering to malicious users a wide spectrum of possible attacks. Consequently, the security of web applications has become a crucial issue. The state-of-the-art tools for bug discovery in languages used for web-application development, such as PHP, suffer from a relatively high false-positive rate and low coverage of real errors; this is caused mainly by
more » ... cise modeling of dynamic features of such languages and path-insensivity of the tools. In this paper, we will demonstrate weak points of the tools and describe our novel approach to these issues. We will show how our technique handles some of the situations where other tools fail and illustrate it on examples.
doi:10.1109/compsacw.2012.106 dblp:conf/compsac/HauzarK12 fatcat:yx64bkoxwjasthf2swvqwgb5me
Citation

David Hauzar, Jan Kofron. "On Security Analysis of PHP Web Applications." 2012 IEEE 36th Annual Computer Software and Applications Conference Workshops (2012) 577-582