A study on Web security incidents in China by analyzing vulnerability disclosure platforms
作者: Cheng Huang , JiaYong Liu , Yong Fang , Zheng Zuo
DOI: 10.1016/J.COSE.2015.11.006
关键词:
摘要: … Frequently, those incidents are caused by common Web vulnerabilities, like Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), SQL injection, the exploitation of broken …
acm.org
sci-hub.se 参考文章(19)
Taeseung Lee, Giyoun Won, Seongje Cho, Namje Park, Dongho Won, Detection and Mitigation of Web Application Vulnerabilities Based on Security Testing network and parallel computing. pp. 138- 144 ,(2012) , 10.1007/978-3-642-35606-3_16
A. M. Chandrasekhar, K. Raghuveer, An Effective Technique for Intrusion Detection Using Neuro-Fuzzy and Radial SVM Classifier Lecture Notes in Electrical Engineering. pp. 499- 507 ,(2013) , 10.1007/978-1-4614-6154-8_49
Tom van Goethem, Ping Chen, Nick Nikiforakis, Lieven Desmet, Wouter Joosen, Large-Scale Security Analysis of the Web: Challenges and Findings trust and trustworthy computing. ,vol. 7, pp. 110- 126 ,(2014) , 10.1007/978-3-319-08593-7_8
Dennis Appelt, Duy Cu Nguyen, Lionel Briand, Nadia Alshahwan, Black-box SQL Injection Testing ,(2014)
Omer Tripp, Marco Pistoia, Patrick Cousot, Radhia Cousot, Salvatore Guarnieri, ANDROMEDA: accurate and scalable security analysis of web applications fundamental approaches to software engineering. ,vol. 7793, pp. 210- 225 ,(2013) , 10.1007/978-3-642-37057-1_15
Ibéria Medeiros, Nuno F. Neves, Miguel Correia, Automatic detection and correction of web application vulnerabilities using data mining to predict false positives the web conference. pp. 63- 74 ,(2014) , 10.1145/2566486.2568024
Ping Chen, Nick Nikiforakis, Lieven Desmet, Christophe Huygens, Security Analysis of the Chinese Web: How well is it protected? Proceedings of the 2014 Workshop on Cyber Security Analytics, Intelligence and Automation. pp. 3- 9 ,(2014) , 10.1145/2665936.2665938
Jin Yi, Runpu Wu, Juan Li, Qi Xiong, Fajiang Yu, Tao Peng, Zhenyu Yang, Bo Han, Similar vulnerability query based on text mining international symposium on communications and information technologies. pp. 339- 342 ,(2011) , 10.1109/ISCIT.2011.6089949
Stephan Neuhaus, Thomas Zimmermann, Security Trend Analysis with CVE Topic Models international symposium on software reliability engineering. pp. 111- 120 ,(2010) , 10.1109/ISSRE.2010.53
Baden Delamore, Ryan K.L. Ko, Escrow: A Large-Scale Web Vulnerability Assessment Tool trust security and privacy in computing and communications. pp. 983- 988 ,(2014) , 10.1109/TRUSTCOM.2014.130