WASP

Web Application SQL-Injection Preventer

SQL injection attacks (SQLIAs) are bad

Our approach, intuitively

Positive tainting and syntax-aware evaluation

Advantages of our approach compared to others: practical and conceptual

Overview of evaluation

Contributions

Publications related to WASP:

WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation
W. Halfond, A. Orso and P. Manolios
Transactions on Software Engineering. (To appear.)

Using Positive Tainting and Syntax-Aware Evaluation to Counter SQL Injection Attacks
W. Halfond, A. Orso and P. Manolios
Foundations of Software Engineering (FSE 2006)