Zhejun Fang, Yuqing Zhang, Ying Kong and Qixu Liu Static detection of logic vulnerabilities in Java web applications Security and Communication Networks 7
In this paper, we propose the first lightweight static analysis approach to automatically detect logic vulnerabilitiesin Java web applications. We implemented our approach using program-slicing technique and a back-tracingextracting algorithm for control flow, and evaluated it on seven real-world applications scaled from thousands to million lines of code. The evaluation results show that our approach achieves bigger coverage with acceptable cost and better scalability than previous approaches.
Complete the form below and we will send an e-mail message containing a link to the selected article on your behalf