MACE: Detecting Privilege Escalation Vulnerabilities in Web Applications

  title={MACE: Detecting Privilege Escalation Vulnerabilities in Web Applications},
  author={Maliheh Monshizadeh and Prasad Naldurg and V. N. Venkatakrishnan},
  booktitle={ACM Conference on Computer and Communications Security},
We explore the problem of identifying unauthorized privilege escalation instances in a web application. These vulnerabilities are typically caused by missing or incorrect authorizations in the server side code of a web application. The problem of identifying these vulnerabilities is compounded by the lack of an access control policy specification in a typical web application, where the only supplied documentation is in fact its source code. This makes it challenging to infer missing checks that… CONTINUE READING
Highly Cited
This paper has 17 citations. REVIEW CITATIONS


Publications citing this paper.
Showing 1-10 of 13 extracted citations


Publications referenced by this paper.
Showing 1-3 of 3 references

Similar Papers

Loading similar papers…