
From Navigators

Publication:Miguel Fale Tese
Abstract For over two decades, the web has been evolving from a simple set of hypermedia documents to a complex ecosystem of web applications that are supported by various frameworks. This paradigm shift has been promoting a series of practices that lead to an increasing number of vulnerabilities, which can compromise the security of web applications. One of the main contributing factors lies in vulnerable source code, written in unsafe languages such as PHP. In order to mitigate the problem, a large research effort on web application security has occurred over the past years. Source code static analysis tools perform the task of finding program vulnerabilities in an automated fashion. These tools offer superior code coverage, easier integration into the application development cycle, and do not require the actual code to be executed. They instead perform source code analysis, looking for potential bugs while inspecting the program code. However, the analysis performed by these tools depends on their knowledge of the classes of vulnerabilities and the implementation of analysis techniques, such as taint analysis. This means that, on one hand, the tools only search for vulnerabilities in the source code that they hold knowledge of, being unable to find other kinds of problems. On the other hand, the tools may generate false positives and false negatives, due to the limitations and incompleteness of implemented analysis techniques. One such tool is the Web Application Protection (WAP). The main objective of this dissertation is to identify problems with WAP and improve its vulnerability detection capabilities, when processing open source PHP code. Four static analysis tools - WAP, Pixy, phpSAFE and RIPS - are evaluated against a set of WordPress plugins that are known to be vulnerable, in order to collect examples of incorrect processing of the tools which lead, for instance, to false negatives.
Additionally, we define and evaluate several use cases for a commonly found limitation, which consists in the identification and circumvention of circular dependencies (i.e., recursive inclusion of code) in the source code. If circular dependencies are not treated correctly, they may lead to unexpected tool behaviors and incorrect analyses. These assessments help reflect upon new solutions to address WAP’s shortcomings. A new version of WAP is implemented, and evaluated with the same original WordPress plugins. This dissertation offers the following contributions. A list of vulnerabilities is compiled through manual analysis of the plugins, in a format that allows comparison between the chosen tools, and the identification of common false negatives. An enhanced version of WAP is implemented, with improved detection capabilities that reduce both false positives and false negatives. Two evaluations concerning WAP and a set of WordPress plugins are presented, comparing the results before and after the enhancements, respectively.
Advisor Nuno Ferreira Neves, Ibéria Medeiros
Author Miguel Falé
Key Miguel Fale Tese
Month dec
NumPubDate 2,017.12
Project Project:SEGRID
ResearchLine Fault and Intrusion Tolerance in Open Distributed Systems (FIT)
School Mestrado em Informática, Departamento de Informática, Faculdade de Ciências da Universidade de Lisboa
Title Improving Vulnerability Detection of WAP
Type mastersthesis
Year 2017
Has improper value for Url
Categories Publication
Modification date 10 December 2017 00:02:39