Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Open Access. Powered by Scholars. Published by Universities.®

Information Security

PDF

Research Collection School Of Computing and Information Systems

2013

Data mining

Articles 1 - 1 of 1

Full-Text Articles in Physical Sciences and Mathematics

Towards A Hybrid Framework For Detecting Input Manipulation Vulnerabilities, Sun Ding, Hee Beng Kuan Tan, Lwin Khin Shar, Bindu Madhavi Padmanabhuni Dec 2013

Towards A Hybrid Framework For Detecting Input Manipulation Vulnerabilities, Sun Ding, Hee Beng Kuan Tan, Lwin Khin Shar, Bindu Madhavi Padmanabhuni

Research Collection School Of Computing and Information Systems

Input manipulation vulnerabilities such as SQL Injection, Cross-site scripting, Buffer Overflow vulnerabilities are highly prevalent and pose critical security risks. As a result, many methods have been proposed to apply static analysis, dynamic analysis or a combination of them, to detect such security vulnerabilities. Most of the existing methods classify vulnerabilities into safe and unsafe. They have both false-positive and false-negative cases. In general, security vulnerability can be classified into three cases: (1) provable safe, (2) provable unsafe, (3) unsure. In this paper, we propose a hybrid framework-Detecting Input Manipulation Vulnerabilities (DIMV), to verify the adequacy of security vulnerability defenses …

Go to article