An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving

Author

Julian THOME
Lwin Khin SHAR, Singapore Management UniversityFollow
Domenico BIANCULLI
Lionel BRIAND

Publication Type

Journal Article

Version

acceptedVersion

Publication Date

6-2018

Abstract

Malicious users can attack Web applications by exploiting injection vulnerabilities in the source code. This work addresses the challenge of detecting injection vulnerabilities in the server-side code of Java Web applications in a scalable and effective way. We propose an integrated approach that seamlessly combines security slicing with hybrid constraint solving; the latter orchestrates automata-based solving with meta-heuristic search. We use static analysis to extract minimal program slices relevant to security from Web programs and to generate attack conditions. We then apply hybrid constraint solving to determine the satisfiability of attack conditions and thus detect vulnerabilities. The experimental results, using a benchmark comprising a set of diverse and representative Web applications/services as well as security benchmark applications, show that our approach (implemented in the JOACO tool) is significantly more effective at detecting injection vulnerabilities than state-of-the-art approaches, achieving 98% recall, without producing any false alarm. We also compared the constraint solving module of our approach with state-of-the-art constraint solvers, using six different benchmark suites; our approach correctly solved the highest number of constraints (665 out of 672), without producing any incorrect result, and was the one with the least number of time-out/failing cases. In both scenarios, the execution time was practically acceptable, given the offline nature of vulnerability detection.

Keywords

Vulnerability detection, constraint solving, static analysis, search-based software engineering

Discipline

Information Security | Software Engineering

Research Areas

Cybersecurity

Publication

IEEE Transactions on Software Engineering

First Page

1

Last Page

32

ISSN

0098-5589

Identifier

10.1109/TSE.2018.2844343

Publisher

Institute of Electrical and Electronics Engineers (IEEE)

Citation

THOME, Julian; SHAR, Lwin Khin; BIANCULLI, Domenico; and BRIAND, Lionel. An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving. (2018). IEEE Transactions on Software Engineering. 1-32.
Available at: https://ink.library.smu.edu.sg/sis_research/4892

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1109/TSE.2018.2844343