Publication:
An Improved Static Analysis Approach For Detecting Input Validation Vulnerabilities In Web Application

Date
2025-09
Authors
Marashdih, Abdalla Wasef Mohammad
Abstract
This thesis proposes a novel approach for detecting XSS and SQLi vulnerabilities. First, a static analysis technique is introduced to identify feasible execution paths in the PHP source code, an area currently lacking dedicated tools or methods. Identifying feasible paths significantly reduces false positives in static analysis outcomes. Second, taint analysis is employed to trace the sources of vulnerabilities, confirm their execution, and assess the application of appropriate sanitisation along those feasible paths.
Keywords
Web applications, Computer security