Computing Professor Addresses Deadliest Web Site Attacks

June 22, 2006

ATLANTA (June 23, 2006)--Alessandro Orso, assistant professor within the College's Computing Sciences & Systems (CSS) division, was cited in a recent Atlanta Business Chronicle article for his research on countering Web-application attacks. Orso is the PI on a $400,000 grant from the Department of Homeland Security and U.S. Air Force to develop techniques against SQL injection. The title of the project is "Preventing SQL Code Injection by Combining Static and Runtime Analysis."

Many organizations need to store sensitive information, such as customer records or private documents, and make this information available over the network. For this reason, Web applications have become widely deployed in enterprise systems and on the Internet, and people use these applications daily when reading the news, paying bills, and shopping online. As the availability of these services grows however, companies are witnessing an increase in the number and sophistication of attacks that target them.

Orso's work combines static and dynamic program analysis techniques to identify, stop, and report these attacks against Web applications. "It's hard to find companies glad to tell you that they are being attacked," says Orso in the article, but with the help of his research, companies hopefully won't need to.

Read Atlanta Business Chronicle’s recent article about the rise of SQL injection attacks by clicking here.

For more information about Alex Orso, click here