文字列に着目した情報フロー追跡によるインジェクション攻撃の検出(セキュリティ・その他,組込技術とネットワークに関するワークショップETNET2008)

Presentation	2008/3/20 String-Aware Information Flow Tracking to Detect Injection Attacks Satoshi KATSUNUMA, Ryota SHIOYA, Hidetsugu IRIE, Masahiro GOSHIMA, Shuichi SAKAI,
PDF Download Page	PDF download Page Link
Abstract(in Japanese)	(See Japanese page)
Abstract(in English)	High-level injection attacks, which exploit SQL injection and cross-site scripting, have a significant effect on computer security. We propose String-Wise Information Flow Tracking (SWIFT), which detects a wide range of these attacks. SWIFT propagates tags by string operations, which leads to high propagation accuracy.
Keyword(in Japanese)	(See Japanese page)
Keyword(in English)	security / vulnerability / injection attack / processor / DIFT / string
Paper #	CPSY2007-84,DC2007-88
Date of Issue

Paper Information
Registration To	Dependable Computing (DC)
Language	JPN
Title (in Japanese)	(See Japanese page)
Sub Title (in Japanese)	(See Japanese page)
Title (in English)	String-Aware Information Flow Tracking to Detect Injection Attacks
Sub Title (in English)
Keyword(1)	security
Keyword(2)	vulnerability
Keyword(3)	injection attack
Keyword(4)	processor
Keyword(5)	DIFT
Keyword(6)	string
1st Author's Name	Satoshi KATSUNUMA
1st Author's Affiliation	Graduate School of Information Science and Technology, The University of Tokyo()
2nd Author's Name	Ryota SHIOYA
2nd Author's Affiliation	Graduate School of Information Science and Technology, The University of Tokyo
3rd Author's Name	Hidetsugu IRIE
3rd Author's Affiliation	Japan Science and Technology Agency
4th Author's Name	Masahiro GOSHIMA
4th Author's Affiliation	Graduate School of Information Science and Technology, The University of Tokyo
5th Author's Name	Shuichi SAKAI
5th Author's Affiliation	Graduate School of Information Science and Technology, The University of Tokyo
Date	2008/3/20
Paper #	CPSY2007-84,DC2007-88
Volume (vol)	vol.107
Number (no)	559
Page	pp.pp.-
#Pages	6
Date of Issue