An Improved Static Analysis Approach For Detecting Input Validation Vulnerabilities In Web Application

Marashdih, Abdalla Wasef Mohammad (2025) An Improved Static Analysis Approach For Detecting Input Validation Vulnerabilities In Web Application. PhD thesis, Universiti Sains Malaysia.


Abstract

This thesis proposes a novel approach for detecting XSS and SQLi vulnerabilities. First, a static analysis technique is introduced to identify feasible execution paths in the PHP source code, an area currently lacking dedicated tools or methods. Identifying feasible paths significantly reduces false positives in static analysis outcomes. Second, taint analysis is employed to trace the sources of vulnerabilities, confirm their execution, and assess the application of appropriate sanitisation along those feasible paths.

Item Type: Thesis (PhD)
Subjects: Q Science > QA Mathematics > QA75.5-76.95 Electronic computers. Computer science
Divisions: Pusat Pengajian Sains Komputer (School of Computer Sciences) > Thesis
Depositing User: Mr Aizat Asmawi Abdul Rahim
Date Deposited: 21 May 2026 02:54
Last Modified: 21 May 2026 02:54
URI: http://eprints.usm.my/id/eprint/64256
