Related papers: Reverse Proxy Framework using Sanitization Techniq…
XSS is a security vulnerability that permits injecting malicious code into the client side of a web application. In the simplest situations, XSS vulnerabilities arise when a web application includes the user input in the web output without…
With web applications becoming a preferred method of presenting graphical user interfaces to users, software vulnerabilities affecting web applications are becoming more and more prevalent and devastating. Some of these vulnerabilities,…
Security is unarguably the most serious concern for Web applications, to which SQL injection (SQLi) attack is one of the most devastating attacks. Automatically testing SQLi vulnerabilities is of ultimate importance, yet is unfortunately…
SQL Injection (SQLi) continues to pose a significant threat to the security of web applications, enabling attackers to manipulate databases and access sensitive information without authorisation. Although advancements have been made in…
The services of internet place a key role in the daily life by enabling the in sequence from anywhere. To provide somewhere to stay the communication and management in applications the web services has stimulated to multitier design. In…
The rapid advancement of information technology has introduced a noticeable shift from traditional offline practices to more efficient and interconnected online environments. This transition, while offering convenience, has also increased…
We present a formal approach that exploits attacks related to SQL Injection (SQLi) searching for security flaws in a web application. We give a formal representation of web applications and databases, and show that our formalization…
This work explores injection attacks against password managers. In this setting, the adversary (only) controls their own application client, which they use to "inject" chosen payloads to a victim's client via, for example, sharing…
The goal of the presented work is to illustrate a method by which the data exchange between a standalone computer software and a shared database server can be protected of unauthorized interceptation of the traffic in Internet network, a…
Sanitizing sensitive text data typically involves removing personally identifiable information (PII) or generating synthetic data under the assumption that these methods adequately protect privacy; however, their effectiveness is often only…
Development of information technology, especially in the field of computer network allows the exchange of information faster and more complex and the data that is exchanged can vary. Security of data on communication in the network is a…
Web caching is essential for the World Wide Web, saving processing power, bandwidth, and reducing latency. Many proxy caching solutions focus on buffering data from the main server, neglecting cacheable information meant for server writes.…
Natural language user interfaces to database systems have been studied for several decades now. They have mainly focused on parsing and interpreting natural language queries to generate them in a formal database language. We envision the…
SQL injection (SQLi) attacks pose a significant threat to the security of web applications. Existing approaches do not support object-oriented programming that renders these approaches unable to protect the real-world web apps such as…
Proxy servers are being increasingly deployed at organizations for performance benefits; however, there still exists drawbacks in ease of client authentication in interception proxy mode mainly for Open Source Proxy Servers. Technically, an…
Stream processing systems are important in modern applications in which data arrive continuously and need to be processed in real time. Because of their resource and scalability requirements, many of these systems run on the cloud, which is…
The traditional design principle for Internet protocols indicates: "Be strict when sending and tolerant when receiving" [RFC1958], and DNS is no exception to this. The transparency of DNS in handling the DNS records, also standardised…
In encrypted databases, sensitive data is protected from an untrusted server by encrypting columns using partially homomorphic encryption schemes, and storing encryption keys in a trusted client. However, encrypting columns and protecting…
A practical face recognition system demands not only high recognition performance, but also the capability of detecting spoofing attacks. While emerging approaches of face anti-spoofing have been proposed in recent years, most of them do…
Though not yet widely deployed, password-authenticated key exchange (PAKE) protocols have been the subject of several recent standardization efforts, partly because of their resistance against various guessing attacks, but also because they…