Presentation | 2011-07-13 On Usage of Practical Web Application Source Code for Learning Support on Secure Coding Ryosuke MIYAJI, Seikoh NISHITA, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Security holes (vulnerabilities) in web applications causes security incidents like personal information leakage and virus infection of web pages. To maintain the safety of web applications, there are well-known programming techniques, that is, sanitization and input validation, which are obtained via leaning environment of textbooks or tools like WebGoat. The learning environment supports basic knowledge on the mechanism of the vulnerabilities, the way to attack them and the programming techniques. However, it is not sufficient to drill students to develop practical secure web applications with use of the programming techniques. In order for the training, the plenty of practical exercises, material of the exercises and computer-aided method to generate the exercises are required. This paper describes an examination toward the generation of the exercises from source code of practical vulnerable web applications. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | web application / vulnerability / web application vulnerability learning tool / escaping sql literals / illegal access |
Paper # | ISEC2011-22,SITE2011-19,ICSS2011-27,EMM2011-21 |
Date of Issue |
Conference Information | |
Committee | SITE |
---|---|
Conference Date | 2011/7/5(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Social Implications of Technology and Information Ethics (SITE) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | On Usage of Practical Web Application Source Code for Learning Support on Secure Coding |
Sub Title (in English) | |
Keyword(1) | web application |
Keyword(2) | vulnerability |
Keyword(3) | web application vulnerability learning tool |
Keyword(4) | escaping sql literals |
Keyword(5) | illegal access |
1st Author's Name | Ryosuke MIYAJI |
1st Author's Affiliation | Electronics and Information Science Course, Graduate School of Engineering, Takushoku University() |
2nd Author's Name | Seikoh NISHITA |
2nd Author's Affiliation | Department of Computer Science, Faculty of Engineering, Takushoku University |
Date | 2011-07-13 |
Paper # | ISEC2011-22,SITE2011-19,ICSS2011-27,EMM2011-21 |
Volume (vol) | vol.111 |
Number (no) | 124 |
Page | pp.pp.- |
#Pages | 7 |
Date of Issue |