scholarly journals Static Analysis Tools Against Cross-site Scripting Vulnerabilities in Web Applications : An Analysis

2021 ◽  
Vol 17 (2) ◽  
pp. 125-142
Author(s):  
Nurul Atiqah Abu Talib ◽  
Kyung-Goo Doh
Keyword(s):  
Static Analysis ◽  
Web Applications ◽  
Analysis Tools ◽  
Cross Site

scholarly journals Evaluation of SQL Injection Vulnerability Detection Tools

2019 ◽  
Vol 9 (1) ◽  
pp. 1747-1751
Keyword(s):  
Static Analysis ◽  
Web Applications ◽  
Source Code ◽  
False Negative ◽  
Vulnerability Detection ◽  
Sql Injection ◽  
User Input ◽  
Root Cause ◽  
Analysis Tools ◽  
Free Open Source

SQL injection vulnerabilities have been predominant on database-driven web applications since almost one decade. Exploiting such vulnerabilities enables attackers to gain unauthorized access to the back-end databases by altering the original SQL statements through manipulating user input. Testing web applications for identifying SQL injection vulnerabilities before deployment is essential to get rid of them. However, checking such vulnerabilities by hand is very tedious, difficult, and time-consuming. Web vulnerability static analysis tools are software tools for automatically identifying the root cause of SQL injection vulnerabilities in web applications source code. In this paper, we test and evaluate three free/open source static analysis tools using eight web applications with numerous known vulnerabilities, primarily for false negative rates. The evaluation results were compared and analysed, and they indicate a need to improve the tools.

scholarly journals Benchmarking Approach to Compare Web Applications Static Analysis Tools Detecting OWASP Top Ten Security Vulnerabilities

2020 ◽  
Vol 64 (3) ◽  
pp. 1555-1577 ◽  
Author(s):  
Juan R. Bermejo Higuera ◽  
Javier Bermejo Higuera ◽  
Juan A. Sicilia Montalvo ◽  
Javier Cubo Villalba ◽  
Juan Jos�Nombela P閞ez
Keyword(s):  
Static Analysis ◽  
Web Applications ◽  
Security Vulnerabilities ◽  
Analysis Tools

scholarly journals Hypervisor-assisted dynamic malware analysis

Cybersecurity ◽  
2021 ◽  
Vol 4 (1) ◽  
Author(s):  
Roee S. Leon ◽  
Michael Kiperberg ◽  
Anat Anatey Leon Zabag ◽  
Nezer Jacob Zaidenberg
Keyword(s):  
Dynamic Analysis ◽  
Static Analysis ◽  
Cyber Security ◽  
Malware Analysis ◽  
Analysis Tools ◽  
Significant Performance

AbstractMalware analysis is a task of utmost importance in cyber-security. Two approaches exist for malware analysis: static and dynamic. Modern malware uses an abundance of techniques to evade both dynamic and static analysis tools. Current dynamic analysis solutions either make modifications to the running malware or use a higher privilege component that does the actual analysis. The former can be easily detected by sophisticated malware while the latter often induces a significant performance overhead. We propose a method that performs malware analysis within the context of the OS itself. Furthermore, the analysis component is camouflaged by a hypervisor, which makes it completely transparent to the running OS and its applications. The evaluation of the system’s efficiency suggests that the induced performance overhead is negligible.

Static analysis tools for security checking in code at Motorola

2008 ◽  
Vol XXVIII (1) ◽  
pp. 76-82 ◽  
Author(s):  
R Krishnan ◽  
Margaret Nadworny ◽  
Nishil Bharill
Keyword(s):  
Static Analysis ◽  
Analysis Tools
Sign in / Sign up

Export Citation Format

Share Document