Download now Free registration required
For most web applications, this interception may be achieved using network layer interposition or library interposition. It then develops a class of policies called syntax- and taint-aware policies that can accurately detect and/or block most injection attacks. An experimental evaluation shows that techniques are effective in detecting a broad range of attacks on applications written in multiple languages (including PHP, Java and C), and impose low performance overheads (below 5%).
- Format: PDF
- Size: 434 KB