(2017) Efficient and Flexible Discovery of PHP Application Vulnerabilities.
skoruppa_eurosp2017.pdf (Published Version)
Abstract
The Web today is a growing universe of pages and applications teeming with interactive content. The security of such applications is of the utmost importance, as exploits can have a devastating impact on personal and economic levels. The number one programming language in Web applications is PHP, powering more than 80% of the top ten million websites. Yet it was not designed with security in mind, and, today, bears a patchwork of fixes and inconsistently designed functions with often unexpected and hardly predictable behavior that typically yield a large attack surface. Consequently, it is prone to different types of vulnerabilities, such as SQL Injection or Cross-Site Scripting. In this paper, we present an interprocedural analysis technique for PHP applications based on code property graphs that scales well to large amounts of code and is highly adaptable in its nature. We implement our prototype using the latest features of PHP 7, leverage an efficient graph database to store code property graphs for PHP, and subsequently identify different types of Web application vulnerabilities by means of programmable graph traversals. We show the efficacy and the scalability of our approach by reporting on an analysis of 1,854 popular open-source projects, comprising almost 80 million lines of code.
| Field | Value |
|---|---|
| Item Type | Conference or Workshop Item (Paper) |
| Additional Information | pub_id: 1116; Bibtex: Skoruppa:EuroSP17:Efficient; URL date: None |
| Divisions | Michael Backes (InfSec); Ben Stock (Secure Web Applications Group, SWAG) |
| Conference | EuroS&P: IEEE European Symposium on Security and Privacy |
| Depositing User | Sebastian Weisgerber |
| Date Deposited | 26 Jul 2017 10:29 |
| Last Modified | 18 Jul 2019 12:12 |
| Primary Research Area | NRA5: Empirical & Behavioral Security |
| URI | https://publications.cispa.saarland/id/eprint/357 |