Automatic Generation of XSS and SQL Injection Attacks with Goal-Directed Model Checking.
Michael C. MartinMonica S. LamPublished in: USENIX Security Symposium (2008)
Keyphrases
- goal directed
- model checking
- sql injection attacks
- web applications
- temporal logic
- formal specification
- model checker
- temporal properties
- formal verification
- bounded model checking
- timed automata
- symbolic model checking
- automated verification
- reachability analysis
- web services
- autonomous robots
- verification method
- sql injection
- concurrent systems
- process algebra
- pspace complete
- computation tree logic
- epistemic logic
- transition systems
- end users
- formal methods
- planning domains
- software engineering
- expert systems