Seminário Doutoral do Departamento de Informática

Discovering Web Vulnerabilities at an Intermediate Language Level

Sala 6.3.27, Ciências ULisboa

Por Paulo Antunes (orientadores: Nuno Neves e Ibéria Medeiros).

Web applications are a prime target for malicious actors to obtain private user information, such as credit card numbers and other sensitive details. Over the years, the number of vulnerabilities and attacks has increased, demonstrating that current solutions have shortcomings. For example, they can be prone to error or require too much resources/time from developers (or security analysts) to deliver results. We present a new approach to detecting vulnerabilities in web applications written in PHP by analyzing their representation in an Intermediate Language (IL) and simulating the execution through a new data structure.

Departamento de Informática | Ciências ULisboa