多语言Web漏洞检测

2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2020-10-01 DOI:10.1109/ISSREW51248.2020.00058

Alexandra Figueiredo, Tatjana Lide, M. Correia

{"title":"多语言Web漏洞检测","authors":"Alexandra Figueiredo, Tatjana Lide, M. Correia","doi":"10.1109/ISSREW51248.2020.00058","DOIUrl":null,"url":null,"abstract":"Most web applications are compromised due to vulnerable source code [1]. Static code analysis tools that are often used to find security vulnerabilities in code have two main problems: they are language-specific, and they have to be programmed, or at least configured manually, to deal with new types of vulnerabilities.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Multi-Language Web Vulnerability Detection\",\"authors\":\"Alexandra Figueiredo, Tatjana Lide, M. Correia\",\"doi\":\"10.1109/ISSREW51248.2020.00058\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Most web applications are compromised due to vulnerable source code [1]. Static code analysis tools that are often used to find security vulnerabilities in code have two main problems: they are language-specific, and they have to be programmed, or at least configured manually, to deal with new types of vulnerabilities.\",\"PeriodicalId\":202247,\"journal\":{\"name\":\"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISSREW51248.2020.00058\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISSREW51248.2020.00058","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

大多数web应用程序由于易受攻击的源代码而受到损害[1]。通常用于查找代码中的安全漏洞的静态代码分析工具有两个主要问题:它们是特定于语言的，并且必须对它们进行编程，或者至少手动配置，以处理新类型的漏洞。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Multi-Language Web Vulnerability Detection

Most web applications are compromised due to vulnerable source code [1]. Static code analysis tools that are often used to find security vulnerabilities in code have two main problems: they are language-specific, and they have to be programmed, or at least configured manually, to deal with new types of vulnerabilities.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)

自引率

0.00%

发文量