Business applications are complex artefacts implementing custom business logic. While much research effort has been put into the identification of technical vulnerabilities (such as buffer overflows and SQL injections), application-level logic vulnerabilities have drawn relatively limited attention, thus putting the application's mission at risk. In this paper, we design, implement, and evaluate a novel heuristic application-independent framework, which combines static and dynamic analysis, input vector, and information extraction analysis, along with a fuzzy logic system, so as to detect and assert the criticality of application-level logic vulnerabilities in Java stand-alone GUI applications. © 2012 Springer-Verlag.
CITATION STYLE
Stergiopoulos, G., Tsoumas, B., & Gritzalis, D. (2012). Hunting application-level logical errors. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7159 LNCS, pp. 135–142). https://doi.org/10.1007/978-3-642-28166-2_13