An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving


Bibliographic Details
Main Authors: Thome, Julian, Shar, Lwin Khin, Bianculli, Domenico, Briand, Lionel
Other Authors: School of Computer Science and Engineering
Format: Journal Article
Language: English
Published: 2021
Subjects:
Online Access: https://hdl.handle.net/10356/154605
description Malicious users can attack Web applications by exploiting injection vulnerabilities in the source code. This work addresses the challenge of detecting injection vulnerabilities in the server-side code of Java Web applications in a scalable and effective way. We propose an integrated approach that seamlessly combines security slicing with hybrid constraint solving; the latter orchestrates automata-based solving with meta-heuristic search. We use static analysis to extract minimal program slices relevant to security from Web programs and to generate attack conditions. We then apply hybrid constraint solving to determine the satisfiability of attack conditions and thus detect vulnerabilities. The experimental results, using a benchmark comprising a set of diverse and representative Web applications/services as well as security benchmark applications, show that our approach (implemented in the JOACO tool) is significantly more effective at detecting injection vulnerabilities than state-of-the-art approaches, achieving 98 percent recall, without producing any false alarm. We also compared the constraint solving module of our approach with state-of-the-art constraint solvers, using six different benchmark suites; our approach correctly solved the highest number of constraints (665 out of 672), without producing any incorrect result, and was the one with the least number of time-out/failing cases. In both scenarios, the execution time was practically acceptable, given the offline nature of vulnerability detection.
institution Nanyang Technological University
This work is supported by the National Research Fund, Luxembourg FNR/P10/03, INTER/DFG/14/11092585, and the AFR grant FNR9132112.

Citation: Thome, J., Shar, L. K., Bianculli, D. & Briand, L. (2020). An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving. IEEE Transactions On Software Engineering, 46(2), 163-195. https://dx.doi.org/10.1109/TSE.2018.2844343

ISSN: 0098-5589

© 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
topic Engineering::Computer science and engineering
Security
Benchmark Testing