Access Control Vulnerabilities Detection for Web Application Components

In this paper we review the research progress of the mainstream approaches to detecting access control vulnerabilities in web application components and classify them by their key techniques. We compare the different detection methods and analyze their advantages and flaws. We then discuss the experimental results reported for the relevant detection tools in realistic usage. Finally, we summarize the general framework shared by these detection methods and outline future research directions in this area.
