University of Twente Student Theses
Generating Specifications to Verify the Correctness of Sanitizers
Huisman, D.A.J. (2021) Generating Specifications to Verify the Correctness of Sanitizers.
Abstract: | Web applications widely use string sanitizers to prevent injection vulnerabilities, such as SQL injection and cross-site scripting (XSS). However, it is difficult to write correct sanitizers without introducing injection vulnerabilities. It is therefore important to verify the correctness of sanitizers. Previous work has presented an approach for verifying correctness by comparing learned models of sanitizers to specifications of the desired behaviour. It can be time-consuming to write these specifications by hand. Therefore, this paper presents an approach for automatically generating sanitizer specifications from minimal user input. Firstly, a classification of different types of sanitizer specifications was made. Secondly, automatic generation techniques have been conceived and implemented. Lastly, a domain-specific language is introduced which enables users to easily interact with the generation techniques. The domain-specific language also allows users to combine, export and test the generated sanitizer specifications. |
Item Type: | Essay (Bachelor) |
Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
Subject: | 54 computer science |
Programme: | Computer Science BSc (56964) |
Link to this item: | https://purl.utwente.nl/essays/85662 |