WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation

  title={WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation},
  author={William G. J. Halfond and Alessandro Orso and Panagiotis Manolios},
  journal={IEEE Transactions on Software Engineering},
Many software systems have evolved to include a Web-based component that makes them available to the public via the Internet and can expose them to a variety of Web-based attacks. One of these attacks is SQL injection, which can give attackers unrestricted access to the databases that underlie Web applications and has become increasingly frequent and serious. This paper presents a new highly automated approach for protecting Web applications against SQL injection that has both conceptual and… CONTINUE READING
Highly Influential
This paper has highly influenced 26 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 150 citations. REVIEW CITATIONS


Publications citing this paper.
Showing 1-10 of 108 extracted citations

151 Citations

Citations per Year
Semantic Scholar estimates that this publication has 151 citations based on the available data.

See our FAQ for additional information.

Similar Papers

Loading similar papers…