학술논문
Improved Vulnerability Handling Framework to Automatically Fix Vulnerable Web Applications
Document Type
Conference
Author
Source
2023 Eleventh International Symposium on Computing and Networking Workshops (CANDARW) CANDARW Computing and Networking Workshops (CANDARW), 2023 Eleventh International Symposium on. :208-212 Nov, 2023
Subject
Language
ISSN
2832-1324
Abstract
With the spread of smartphones and personal computers, many people are using Web applications. Web applications are subject to various attacks from all over the world through the Internet. However, it is difficult for web application developers to always create secure web applications. This paper aims to support the creation of secure Web applications by automatically fixing vulnerable code with a Web application framework. Therefore, we use a web application framework called VHF (Vulnerability Handling Framework) [1]. We propose to add a new variable to the source code update system, which is part of the VHF functions. By doing so, we hope to reduce the cost of adding methods to fix vulnerabilities in VHF and increase the flexibility of the fix methods. Using an Electronic Commerce site as an example situation, a simple Web application will be created to confirm the effectiveness of the proposed method.