Presentation	2007-07-19 Evaluation of a library against injection attacks Takao OKUBO, Hidehiko TANAKA,
PDF Download Page	PDF download Page Link
Abstract(in Japanese)	(See Japanese page)
Abstract(in English)	Injection vulnerabilities, which enable attacks done by injecting command string into input data, have big percentage of total software vulnerabilities. Existing Programming techniques and libraries are not sufficient for complete solution and easy testing methods. We proposed a general convention set and a secure library for preventing and testing injection attacks. In this papaer, the library are evalluated with some sample application programs, and compared with other existing methods. And some improvement has done based on the results.
Keyword(in Japanese)	(See Japanese page)
Keyword(in English)	software / vulnerability / injection attacks / coding convewntion / library
Paper #	ISEC2007-41,SITE2007-35
Date of Issue

Conference Information
Committee	SITE
Conference Date	2007/7/12(1days)
Place (in Japanese)	(See Japanese page)
Place (in English)
Topics (in Japanese)	(See Japanese page)
Topics (in English)
Chair
Vice Chair
Secretary
Assistant

Paper Information
Registration To	Social Implications of Technology and Information Ethics (SITE)
Language	JPN
Title (in Japanese)	(See Japanese page)
Sub Title (in Japanese)	(See Japanese page)
Title (in English)	Evaluation of a library against injection attacks
Sub Title (in English)
Keyword(1)	software
Keyword(2)	vulnerability
Keyword(3)	injection attacks
Keyword(4)	coding convewntion
Keyword(5)	library
1st Author's Name	Takao OKUBO
1st Author's Affiliation	Fujitsu Laboratories ltd.()
2nd Author's Name	Hidehiko TANAKA
2nd Author's Affiliation	Institute of Information Security
Date	2007-07-19
Paper #	ISEC2007-41,SITE2007-35
Volume (vol)	vol.107
Number (no)	139
Page	pp.pp.-
#Pages	8
Date of Issue