Muath Alkhalaf

Learn More
Verifying string manipulating programs is a crucial problem in computer security. String operations are used extensively within web applications to manipulate user input, and their erroneous use is the most common cause of security vulnerabilities in web applications. We present an automata-based approach for symbolic analysis of string manipulating(More)
STRANGER is an automata-based string analysis tool for finding and eliminating string-related security vulnerabilities in PHP applications. STRANGER uses symbolic forward and backward reachability analyses to compute the possible values that the string expressions can take during program execution. STRANGER can automatically (1) prove that an application is(More)
We present automata-based static string analysis techniques that automatically generate sanitization statements for patching vulnerable web applications. Our approach consists of three phases: Given an attack pattern we first conduct a vulnerability analysis to identify if strings that match the attack pattern can reach the security-sensitive functions.(More)
Given a program and an attack pattern (specified as a regular expression), we automatically generate string-based vulnerability signatures, i.e., a characterization that includes all malicious inputs that can be used to generate attacks. We use an automata-based string analysis framework. Using forward reachability analysis we compute an over-approximation(More)
The comparative effect of oestradiol-17 beta, oestrone and oestrone-3-sulphate was examined on guinea-pig endometrium in primary culture. A parallel study was conducted in vivo to appreciate hormonal effects on the uterine luminal surface of ovariectomized guinea-pigs. Scanning electron microscopy studies showed that uterine epithelial cells were responsive(More)
Primary culture of guinea-pig endometrial cells was made quiescent by serum depletion. When added to quiescent cells, 17 beta-estradiol (E2) alone affected neither c-fos and c-myc gene expression, nor DNA synthesis and cell proliferation. Insulin or epidermal growth factor (EGF) only induced DNA synthesis. An association of both growth factors allowed(More)
The c-fos expression was investigated in primary culture of guinea pig glandular epithelial cells. These cells were made quiescent by serum deprivation and stimulated with fetal calf serum (FCS, 15%), 17 beta-estradiol (E2 10(-8) mol/l) alone or in combination with epidermal growth factor (EGF, 100 ng/ml) and insulin (I, 10 micrograms/ml). Low levels of(More)
Asynchronous JavaScript and XML (Ajax) is a collection of technologies used to develop rich and interactive Web applications. A typical Ajax client runs locally in the user's Web browser and refreshes its interface on the fly in response to user input. Using this method with the AWS-ECS let us automatically generate test sequences and detect two deviations(More)
Correct validation and sanitization of user input is crucial in web applications for avoiding security vulnerabilities and erroneous application behavior. We present an automated differential repair technique for input validation and sanitization functions. Differential repair can be used within an application to repair client and server-side code with(More)
The effects of 17 beta-estradiol (E2), epidermal growth factor (EGF) and insulin, alone or in association on guinea-pig uterine epithelial cell proliferation were examined in serum-free culture conditions. Primary cultures of epithelial cells were made quiescent by serum depletion, then incubated in a chemically defined medium. In this medium, insulin(More)