LogicScope: automatic discovery of logic vulnerabilities within web applications

@inproceedings{Li2013LogicScopeAD,
  title={LogicScope: automatic discovery of logic vulnerabilities within web applications},
  author={Xiaowei Li and Yuan Xue},
  booktitle={AsiaCCS},
  year={2013}
}
Logic flaws are an important class of vulnerabilities within web applications, which allow sensitive information and restrictive operations to be accessed at inappropriate application states. In this paper, we take a first step towards a systematic black-box approach to identifying logic vulnerabilities within web applications. We first construct a partial FSM over the expected input domain by collecting and analyzing the execution traces when users follow the navigation paths within the web… CONTINUE READING

Similar Papers

Loading similar papers…