
A system to remediate cross-site scripting vulnerabilities

Ahmed Ibrahim Mohamed Ibrahim

A system to remediate cross-site scripting vulnerabilities / نظام لعلاج ثغرات البرمجة عبر المواقع Ahmed Ibrahim Mohamed Ibrahim ; Supervised Amr Badr , Abeer Mohamed Elkorany , Mohammad Elramly - Cairo : Ahmed Ibrahim Mohamed Ibrahim , 2020 - 90 Leaves ; 30cm

Thesis (M.Sc.) - Cairo University - Faculty of Computers and Artificial Intelligence - Department of Software Engineering

The presence of software vulnerabilities is a serious threat to any software project. Exploiting them can compromise system availability, data integrity, and confidentiality. Avoiding software vulnerabilities is one of the most important activities in software engineering, so awareness of vulnerabilities and their prevention techniques is a must. Coding practices, prevention techniques, and quality standards are required in this situation. However, despite the importance of software security, many open source projects unfortunately go for years with undetected, ready-to-exploit critical vulnerabilities. Also, many developers and their project managers do not systematically apply these solutions under work pressure and deadlines. As a result, many vulnerabilities are detected during review, and fixing them then wastes time, effort, and money compared to fixing them during implementation by applying standards and appropriate techniques. Cross-site scripting (XSS) is one such vulnerability with high severity. In this study our target is to help developers avoid cross-site scripting vulnerabilities by providing a framework that can detect such vulnerabilities and suggest solutions that replace vulnerable parts by applying prevention techniques. Using deep learning and recurrent neural networks, a framework for remediating PHP XSS vulnerabilities was proposed. Our framework was built with an integration with RIPS (a static analysis tool for PHP) for detection and for recommending remediation to the developer.



Cross site scripting, Software Security, Software vulnerabilities