Securing large applications against command injections

Abstract

The ability to produce more secure software or to improve the security of existing software is a growing concern and a real challenge for the field of software engineering. Among the various existing types of software vulnerabilities, command injections are particularly common. It is a difficult problem to address, having seemingly endless variations. We present here a unified, formal definition of command injections that is not based on a particular technology and captures not only the existing variations but also the future instances of the problem. We then propose a simple, yet effective strategy to deal with the problem in existing large applications, focusing on the cost effectiveness of the method. We also report on successful experiments applying our solution to large commercial applications. ©2007 IEEE.

Cite

Jourdan, G. V. (2007). Securing large applications against command injections. In Proceedings - International Carnahan Conference on Security Technology (pp. 69–78). https://doi.org/10.1109/CCST.2007.4373470
