Automatic creation of SQL Injection and cross-site scripting attacks

@article{Kiezun2009AutomaticCO,
  title={Automatic creation of SQL Injection and cross-site scripting attacks},
  author={Adam Kiezun and Philip J. Guo and Karthick Jayaraman and Michael D. Ernst},
  journal={2009 IEEE 31st International Conference on Software Engineering},
  year={2009},
  pages={199-209}
}
We present a technique for finding security vulnerabilities in Web applications. SQL Injection (SQLI) and cross-site scripting (XSS) attacks are widespread forms of attack in which the attacker crafts the input to the application to access or modify user data and execute malicious code. In the most serious attacks (called second-order, or persistent, XSS), an attacker can corrupt a database so as to cause subsequent users to execute malicious code. 
Highly Influential
This paper has highly influenced 25 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 317 citations. REVIEW CITATIONS
203 Citations
5 References
Similar Papers

Citations

Publications citing this paper.
Showing 1-10 of 203 extracted citations

318 Citations

02040'10'12'14'16'18
Citations per Year
Semantic Scholar estimates that this publication has 318 citations based on the available data.

See our FAQ for additional information.

References

Publications referenced by this paper.

Similar Papers

Loading similar papers…