Abstract
Web applications support more and more our daily activities, it's important to improve their reliability and security. The content which users input to Web applications' server-side is named un-trusted content. Un-trusted content has a significant impact on the reliability and security of Web applications, so detecting the un-trusted variables in server-side program is important for improving the quality of Web applications. The previous methods have poor performance on weak typed and none typed server-side programs. To address this issue, this paper proposed a new technique for detecting un-trusted variables in PHP web applications (PHP is a weak typed server- side language). The technique is based upon a two phases static analysis algorithm. In the first phase, we extract modules from the Web application. Then un-trusted variables are detected from modules in the second phase. An implementation of the proposed techniques DUVP was also presented in the paper and it's successfully applied to detect un-trusted variables in large-scale PHP web application.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
