Visible to the public Type-specific Languages to Fight Injection Attacks

TitleType-specific Languages to Fight Injection Attacks
Publication TypeConference Paper
Year of Publication2014
AuthorsKurilova, Darya, Omar, Cyrus, Nistor, Ligia, Chung, Benjamin, Potanin, Alex, Aldrich, Jonathan
Conference NameProceedings of the 2014 Symposium and Bootcamp on the Science of Security
Conference LocationRaleigh, NC, USA
ISBN Number978-1-4503-2907-1
KeywordsACM CCS, Foundations, science of security, Secure Control Systems, Software and Application Security, Web Application Security

Injection vulnerabilities have topped rankings of the most critical web application vulnerabilities for several years [1, 2]. They can occur anywhere where user input may be erroneously executed as code. The injected input is typically aimed at gaining unauthorized access to the system or to private information within it, corrupting the system's data, or disturbing system availability. Injection vulnerabilities are tedious and difficult to prevent.

Citation KeyKurilova:2014:TLF:2600176.2600194