2011 | OriginalPaper | Buchkapitel
An Improved Sanitizing Mechanism Based on Heuristic Constraining Method
verfasst von : Jan-Min Chen
Erschienen in: Advanced Research on Electronic Commerce, Web Application, and Communication
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
An injection flaw is the result of an invalidated input. Some input validation programs are poorly written, lacking even the most basic security procedures for constraining input. Enforcing proper input validation is an effective countermeasure to use as a defense against injection attacks. However it may induce some detection errors because of improper sanitizing rules. In this paper, we propose a heuristic mechanism that can automatically generate proper validation rules based on each vulnerable injection point. The method can also both guarantee security (false negatives) and convenience (false positives). The experimental results show that our method has better detection accuracy while compared with other constraining strategies.