Ontology of input validation attack patterns on web applications
Ontology of input validation attack patterns on web applications
Author(s): Adesina Sodiya, Joseph Shonubi, Adio Akinwale, Adebayo Adekoya, Tosin MewomoSubject(s): Economy
Published by: Wydawnictwo Uniwersytetu Ekonomicznego we Wrocławiu
Keywords: input validation attacks; patterns; ontology; web application
Summary/Abstract: Web applications have been the main intrusion target, and input errors from the web users lead to serious security vulnerabilities. Many web applications contain such errors, making them vulnerable to remotely exploitable input validation attacks such as SQL Injection, Command Injection, Meta-Characters, Formatting String, Path Traversal and Cross Site scripting. In this paper, we present ontology to represent patterns of input validation attacks on web applications. More specifically, our ontology is based on individual subclasses, properties and inverse functional properties, domain and range of input validation attack patterns. The ontology is implemented and interpreted with the web application development language OWL (Ontology Web Language).
Journal: Informatyka Ekonomiczna
- Issue Year: 2013
- Issue No: 30
- Page Range: 11-23
- Page Count: 13
- Language: English