论文信息 - Intercepting Filter Approach to Injection Flaws

Intercepting Filter Approach to Injection Flaws

The growing number of web applications in the global economy has made it critically important to develop secure and reliable software to support the economy`s increasing dependence on web-based systems. We propose an intercepting filter approach to mitigate the risk of injection flaw exploitation- one of the most dangerous methods of attacking web applications. The proposed approach can be implemented in Java or .NET environments following the intercepting filter design pattern. This paper provides examples to illustrate the proposed approach.

Ahmed Salem

[1] D. T. Lee,et al. Securing web application code by static analysis and runtime protection , 2004, WWW '04.

[2] Alessandro Orso,et al. Combining static analysis and runtime monitoring to counter SQL-injection attacks , 2005 .

[3] Alessandro Orso,et al. AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks , 2005, ASE.

[4] Jesse C. Rabek,et al. Detection of injected, dynamically generated, and obfuscated malicious code , 2003, WORM '03.

[5] George Kurtz,et al. Hacking Exposed: Network Security Secrets & Solutions , 1999 .