Development of a String Injection Vulnerability Analyzer for Web Application Programs

Name: Work Video:
Duration: 3 min 30 s
Joon-Seon Ahn; Yeong-Min Kim; Jang-Wu Jo
{'id': 'https://openalex.org/W1990297896', 'doi': 'https://doi.org/10.3745/kipsta.2008.15-a.3.181', 'title': 'Development of a String Injection Vulnerability Analyzer for Web Application Programs', 'display_name': 'Development of a String Injection Vulnerability Analyzer for Web Application Programs', 'publication_year': 2008, 'publication_date': '2008-06-30', 'ids': {'openalex': 'https://openalex.org/W1990297896', 'doi': 'https://doi.org/10.3745/kipsta.2008.15-a.3.181', 'mag': '1990297896'}, 'language': 'en', 'primary_location': {'is_oa': True, 'landing_page_url': 'https://doi.org/10.3745/kipsta.2008.15-a.3.181', 'pdf_url': 'http://society.kisti.re.kr/sv/SV_svpsbs03V.do?method=download&cn1=JAKO200821852186799', 'source': {'id': 'https://openalex.org/S4210189525', 'display_name': 'The KIPS Transactions PartA', 'issn_l': '1598-2831', 'issn': ['1598-2831'], 'is_oa': False, 'is_in_doaj': False, 'is_core': False, 'host_organization': None, 'host_organization_name': None, 'host_organization_lineage': [], 'host_organization_lineage_names': [], 'type': 'journal'}, 'license': None, 'license_id': None, 'version': 'publishedVersion', 'is_accepted': True, 'is_published': True}, 'type': 'article', 'type_crossref': 'journal-article', 'indexed_in': ['crossref'], 'open_access': {'is_oa': True, 'oa_status': 'bronze', 'oa_url': 'http://society.kisti.re.kr/sv/SV_svpsbs03V.do?method=download&cn1=JAKO200821852186799', 'any_repository_has_fulltext': False}, 'authorships': [{'author_position': 'first', 'author': {'id': 'https://openalex.org/A5076305667', 'display_name': 'Joon-Seon Ahn', 'orcid': None}, 'institutions': [], 'countries': [], 'is_corresponding': False, 'raw_author_name': 'Joon-Seon Ahn', 'raw_affiliation_strings': [], 'affiliations': []}, {'author_position': 'middle', 'author': {'id': 'https://openalex.org/A5109100414', 'display_name': 'Yeong-Min Kim', 'orcid': None}, 'institutions': [], 'countries': [], 'is_corresponding': False, 'raw_author_name': 'Yeong-Min Kim', 'raw_affiliation_strings': [], 'affiliations': []}, {'author_position': 'last', 'author': {'id': 'https://openalex.org/A5076075948', 'display_name': 'Jang-Wu Jo', 'orcid': None}, 'institutions': [], 'countries': [], 'is_corresponding': False, 'raw_author_name': 'Jang-Wu Jo', 'raw_affiliation_strings': [], 'affiliations': []}], 'institution_assertions': [], 'countries_distinct_count': 0, 'institutions_distinct_count': 0, 'corresponding_author_ids': [], 'corresponding_institution_ids': [], 'apc_list': None, 'apc_paid': None, 'fwci': 0.0, 'has_fulltext': False, 'cited_by_count': 0, 'citation_normalized_percentile': {'value': 0.0, 'is_in_top_1_percent': False, 'is_in_top_10_percent': False}, 'cited_by_percentile_year': {'min': 0, 'max': 63}, 'biblio': {'volume': '15A', 'issue': '3', 'first_page': '181', 'last_page': '188'}, 'is_retracted': False, 'is_paratext': False, 'primary_topic': {'id': 'https://openalex.org/T12479', 'display_name': 'Web Application Security Vulnerabilities', 'score': 1.0, 'subfield': {'id': 'https://openalex.org/subfields/1710', 'display_name': 'Information Systems'}, 'field': {'id': 'https://openalex.org/fields/17', 'display_name': 'Computer Science'}, 'domain': {'id': 'https://openalex.org/domains/3', 'display_name': 'Physical Sciences'}}, 'topics': [{'id': 'https://openalex.org/T12479', 'display_name': 'Web Application Security Vulnerabilities', 'score': 1.0, 'subfield': {'id': 'https://openalex.org/subfields/1710', 'display_name': 'Information Systems'}, 'field': {'id': 'https://openalex.org/fields/17', 'display_name': 'Computer Science'}, 'domain': {'id': 'https://openalex.org/domains/3', 'display_name': 'Physical Sciences'}}, {'id': 'https://openalex.org/T11424', 'display_name': 'Security and Verification in Computing', 'score': 0.9825, 'subfield': {'id': 'https://openalex.org/subfields/1702', 'display_name': 'Artificial Intelligence'}, 'field': {'id': 'https://openalex.org/fields/17', 'display_name': 'Computer Science'}, 'domain': {'id': 'https://openalex.org/domains/3', 'display_name': 'Physical Sciences'}}, {'id': 'https://openalex.org/T10734', 'display_name': 'Information and Cyber Security', 'score': 0.982, 'subfield': {'id': 'https://openalex.org/subfields/1710', 'display_name': 'Information Systems'}, 'field': {'id': 'https://openalex.org/fields/17', 'display_name': 'Computer Science'}, 'domain': {'id': 'https://openalex.org/domains/3', 'display_name': 'Physical Sciences'}}], 'keywords': [{'id': 'https://openalex.org/keywords/cross-site-scripting', 'display_name': 'Cross-Site Scripting', 'score': 0.9671113}, {'id': 'https://openalex.org/keywords/sql-injection', 'display_name': 'SQL Injection', 'score': 0.8938817}], 'concepts': [{'id': 'https://openalex.org/C39569185', 'wikidata': 'https://www.wikidata.org/wiki/Q371199', 'display_name': 'Cross-site scripting', 'level': 5, 'score': 0.9671113}, {'id': 'https://openalex.org/C150451098', 'wikidata': 'https://www.wikidata.org/wiki/Q506059', 'display_name': 'SQL injection', 'level': 5, 'score': 0.8938817}, {'id': 'https://openalex.org/C41008148', 'wikidata': 'https://www.wikidata.org/wiki/Q21198', 'display_name': 'Computer science', 'level': 0, 'score': 0.8344456}, {'id': 'https://openalex.org/C61423126', 'wikidata': 'https://www.wikidata.org/wiki/Q187432', 'display_name': 'Scripting language', 'level': 2, 'score': 0.6607941}, {'id': 'https://openalex.org/C100158260', 'wikidata': 'https://www.wikidata.org/wiki/Q1650567', 'display_name': 'Dynamic web page', 'level': 3, 'score': 0.5970429}, {'id': 'https://openalex.org/C118643609', 'wikidata': 'https://www.wikidata.org/wiki/Q189210', 'display_name': 'Web application', 'level': 2, 'score': 0.5956758}, {'id': 'https://openalex.org/C157486923', 'wikidata': 'https://www.wikidata.org/wiki/Q1376436', 'display_name': 'String (physics)', 'level': 2, 'score': 0.56163865}, {'id': 'https://openalex.org/C59241245', 'wikidata': 'https://www.wikidata.org/wiki/Q4781497', 'display_name': 'Web application security', 'level': 4, 'score': 0.48675537}, {'id': 'https://openalex.org/C21959979', 'wikidata': 'https://www.wikidata.org/wiki/Q36774', 'display_name': 'Web page', 'level': 2, 'score': 0.47409615}, {'id': 'https://openalex.org/C510870499', 'wikidata': 'https://www.wikidata.org/wiki/Q47607', 'display_name': 'SQL', 'level': 2, 'score': 0.47080076}, {'id': 'https://openalex.org/C136764020', 'wikidata': 'https://www.wikidata.org/wiki/Q466', 'display_name': 'World Wide Web', 'level': 1, 'score': 0.45646894}, {'id': 'https://openalex.org/C158007255', 'wikidata': 'https://www.wikidata.org/wiki/Q1055222', 'display_name': 'Spectrum analyzer', 'level': 2, 'score': 0.4562425}, {'id': 'https://openalex.org/C77088390', 'wikidata': 'https://www.wikidata.org/wiki/Q8513', 'display_name': 'Database', 'level': 1, 'score': 0.40439284}, {'id': 'https://openalex.org/C199360897', 'wikidata': 'https://www.wikidata.org/wiki/Q9143', 'display_name': 'Programming language', 'level': 1, 'score': 0.37590086}, {'id': 'https://openalex.org/C79373723', 'wikidata': 'https://www.wikidata.org/wiki/Q386275', 'display_name': 'Web development', 'level': 3, 'score': 0.30417466}, {'id': 'https://openalex.org/C194222762', 'wikidata': 'https://www.wikidata.org/wiki/Q114486', 'display_name': 'Query by Example', 'level': 4, 'score': 0.074839026}, {'id': 'https://openalex.org/C76155785', 'wikidata': 'https://www.wikidata.org/wiki/Q418', 'display_name': 'Telecommunications', 'level': 1, 'score': 0.0}, {'id': 'https://openalex.org/C121332964', 'wikidata': 'https://www.wikidata.org/wiki/Q413', 'display_name': 'Physics', 'level': 0, 'score': 0.0}, {'id': 'https://openalex.org/C62520636', 'wikidata': 'https://www.wikidata.org/wiki/Q944', 'display_name': 'Quantum mechanics', 'level': 1, 'score': 0.0}, {'id': 'https://openalex.org/C164120249', 'wikidata': 'https://www.wikidata.org/wiki/Q995982', 'display_name': 'Web search query', 'level': 3, 'score': 0.0}, {'id': 'https://openalex.org/C97854310', 'wikidata': 'https://www.wikidata.org/wiki/Q19541', 'display_name': 'Search engine', 'level': 2, 'score': 0.0}], 'mesh': [], 'locations_count': 1, 'locations': [{'is_oa': True, 'landing_page_url': 'https://doi.org/10.3745/kipsta.2008.15-a.3.181', 'pdf_url': 'http://society.kisti.re.kr/sv/SV_svpsbs03V.do?method=download&cn1=JAKO200821852186799', 'source': {'id': 'https://openalex.org/S4210189525', 'display_name': 'The KIPS Transactions PartA', 'issn_l': '1598-2831', 'issn': ['1598-2831'], 'is_oa': False, 'is_in_doaj': False, 'is_core': False, 'host_organization': None, 'host_organization_name': None, 'host_organization_lineage': [], 'host_organization_lineage_names': [], 'type': 'journal'}, 'license': None, 'license_id': None, 'version': 'publishedVersion', 'is_accepted': True, 'is_published': True}], 'best_oa_location': {'is_oa': True, 'landing_page_url': 'https://doi.org/10.3745/kipsta.2008.15-a.3.181', 'pdf_url': 'http://society.kisti.re.kr/sv/SV_svpsbs03V.do?method=download&cn1=JAKO200821852186799', 'source': {'id': 'https://openalex.org/S4210189525', 'display_name': 'The KIPS Transactions PartA', 'issn_l': '1598-2831', 'issn': ['1598-2831'], 'is_oa': False, 'is_in_doaj': False, 'is_core': False, 'host_organization': None, 'host_organization_name': None, 'host_organization_lineage': [], 'host_organization_lineage_names': [], 'type': 'journal'}, 'license': None, 'license_id': None, 'version': 'publishedVersion', 'is_accepted': True, 'is_published': True}, 'sustainable_development_goals': [], 'grants': [], 'datasets': [], 'versions': [], 'referenced_works_count': 9, 'referenced_works': ['https://openalex.org/W109951691', 'https://openalex.org/W1504051120', 'https://openalex.org/W1809751277', 'https://openalex.org/W2003115932', 'https://openalex.org/W2006591097', 'https://openalex.org/W2008158744', 'https://openalex.org/W2102632372', 'https://openalex.org/W2107604680', 'https://openalex.org/W2166894669'], 'related_works': ['https://openalex.org/W4256450364', 'https://openalex.org/W4245700610', 'https://openalex.org/W4238821156', 'https://openalex.org/W2955734438', 'https://openalex.org/W2791970934', 'https://openalex.org/W2775081089', 'https://openalex.org/W2504194819', 'https://openalex.org/W2407701912', 'https://openalex.org/W2167752994', 'https://openalex.org/W1982746004'], 'abstract_inverted_index': {'오늘날': [0], '대부분의': [1], '웹사이트는': [2], '웹': [3, 7, 19, 47], '응용': [4, 20, 48], '프로그램이': [5], '적절한': [6], '페이지를': [8], '생성하여': [9], '전송하는': [10], '형태인': [11], '동적': [12], '웹페이지를': [13], '사용하고': [14], '있다.': [15, 28], '이에': [16], '대하여,': [17], '취약한': [18], '프로그램에': [21], '악의적인': [22], '문자열을': [23], '전달하는': [24], '공격의': [25], '형태가': [26], '증가하고': [27], '본': [29], '논문에서는': [30], '대표적인': [31], '문자열': [32, 66], '삽입': [33], '공격인': [34], 'SQL': [35, 156], '삽입(SQL': [36], 'Injection)': [37], '공격과': [38], '크로스': [39], '사이트': [40], '스크립팅(Cross': [41], 'Site': [42], 'Scripting,': [43], 'XSS)': [44], '공격에': [45], '대하여': [46], '프로그램내의': [49], '보안': [50], '취약성을': [51], '자동으로': [52], '찾아': [53], '주는': [54], '프로그램': [55, 62], '정적': [56], '분석기를': [57, 83], '개발하였다.': [58], '요약': [59, 72], '해석을': [60], '사용한': [61], '분석을': [63], '위하여': [64], '가능한': [65], '값을': [67], '제외': [68], '문자열들과': [69], '함께': [70], '표현하는': [71], '자료': [73], '공간과': [74], 'PHP': [75, 193], '언어의': [76], '요약된': [77], '의미': [78], '규칙을': [79], '설계하였으며,': [80], '이를': [81], '기반으로': [82], '구현하였다.': [84], '또한': [85], '개발된': [86], '분석기가': [87], '기존의': [88], '연구': [89], '결과와': [90], '비교하여': [91], '경쟁력': [92], '있는': [93], '분석': [94], '속도와': [95], '정밀도를': [96], '가짐을': [97], '실험을': [98], '통하여': [99], '보였다.': [100], 'Nowadays,': [101], 'most': [102], 'web': [103, 109, 112, 119, 132, 149], 'sites': [104], 'are': [105, 114], 'developed': [106, 187], 'using': [107, 168], 'dynamic': [108], 'pages': [110, 113], 'where': [111], 'generated': [115], 'and': [116, 159, 186, 214], 'transmitted': [117], 'by': [118], 'application': [120, 150], 'programs.': [121], 'Therefore,': [122], 'the': [123, 155, 160, 192], 'ratio': [124], 'of': [125], 'attacks': [126], 'injecting': [127], 'malevolent': [128], 'strings': [129, 185], 'to': [130, 154, 205], 'vulnerable': [131], 'applications': [133], 'is': [134], 'increasing.': [135], 'In': [136], 'this': [137], 'paper,': [138], 'we': [139, 172, 199], 'present': [140], 'a': [141, 148, 201], 'static': [142, 202], 'program': [143, 151], 'analyzer': [144, 209], 'which': [145, 177], 'analyzes': [146], 'whether': [147], 'has': [152, 210], 'vulnerabilities': [153], 'injection': [157], 'attack': [158], 'cross': [161], 'site': [162], 'scripting(XSS)': [163], 'attack.': [164], 'To': [165], 'analyze': [166], 'programs': [167], 'abstract': [169, 175, 189], 'interpretation': [170], 'framework,': [171], 'designed': [173], 'an': [174, 188], 'domain': [176], 'models': [178], 'potential': [179], 'string': [180], 'set': [181], 'along': [182], 'with': [183, 217], 'excluded': [184], 'interpreter': [190], 'for': [191], 'language.': [194], 'Also,': [195], 'based': [196], 'on': [197], 'them,': [198], 'implemented': [200], 'analyzer.': [203], 'According': [204], 'our': [206, 208], 'experiments,': [207], 'competitive': [211], 'analysis': [212], 'speed': [213], 'accuracy': [215], 'compared': [216], 'related': [218], 'research': [219], 'results.': [220]}, 'cited_by_api_url': 'https://api.openalex.org/works?filter=cites:W1990297896', 'counts_by_year': [], 'updated_date': '2024-12-13T21:38:40.085099', 'created_date': '2016-06-24'}
Publication Information

Basic Information

Access and Citation

AI Researcher Chatbot

Primary Location

Authors

Topics

Keywords

Related Works
